mcp-framework
Verified Safe
by koki7o
Overview
A Rust framework implementing the Model Context Protocol for building production-ready MCP servers, clients, and intelligent AI agents that integrate with LLMs for tool use and browser automation.
Installation
cargo run --example server_with_tools
Environment Variables
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
Security Notes
The `stdio` connector utilizes `std::process::Command` to spawn subprocesses. While the provided examples use trusted commands (e.g., `npx @playwright/mcp`), custom or untrusted command strings passed to `McpClient::new` or `MCPServerConfig::from_command` can lead to arbitrary command execution. Developers must ensure that inputs configuring `stdio` connections are validated and originate from trusted sources.
The web-based Inspector (debug UI) binds to `127.0.0.1:8123` by default, limiting external network exposure. However, it exposes API endpoints (`/api/call-tool`) that allow interactive execution of registered tools, which could be abused by a local user or another process if tools have unintended side effects or vulnerabilities.
Hardcoded API keys or sensitive credentials are not present; the framework correctly uses environment variables.
Similar Servers
mcp-use
A full-stack framework for building Model Context Protocol (MCP) servers, MCP clients, and AI agents in both Python and TypeScript, supporting interactive UI widgets and robust debugging.
tmcp
Build Model Context Protocol (MCP) servers for AI agents, providing schema-agnostic tools, resources, and prompts, with optional OAuth 2.1 authentication and distributed session management.
rust-mcp-sdk
A high-performance, asynchronous Rust SDK for building Model Context Protocol (MCP) servers and clients, simplifying protocol handling, enabling tool-based interactions, and supporting multiple transports and authentication methods.
rust-docs-mcp
Provides AI agents with deep, cached access to Rust crate documentation, source code, and project structure for enhanced development.