
mcp-hangar

Verified Safe

by mapyr

Overview

Lifecycle management and orchestration platform for Model Context Protocol (MCP) providers, focusing on auto-discovery, observability, and resilience for LLM tooling at scale.

Installation

Run Command
mcp-hangar --config config.yaml --http

Environment Variables

  • MCP_LOG_LEVEL
  • MCP_CONFIG
  • MCP_MODE
  • MCP_HTTP_PORT
  • MCP_JSON_LOGS
  • HANGAR_LANGFUSE_ENABLED
  • LANGFUSE_PUBLIC_KEY
  • LANGFUSE_SECRET_KEY
  • LANGFUSE_HOST
  • OTEL_EXPORTER_OTLP_ENDPOINT
  • OTEL_SERVICE_NAME
  • MCP_TRACING_ENABLED
  • MCP_ENVIRONMENT
  • MCP_AUTH_DB_PASSWORD
  • GITHUB_TOKEN
  • GOOGLE_APPLICATION_CREDENTIALS
  • SLACK_BOT_TOKEN
  • BRAVE_API_KEY
  • SENTRY_AUTH_TOKEN
  • SENTRY_ORG
  • SENTRY_PROJECT
  • MCP_CONTAINER_RUNTIME
  • MCP_CI_RELAX_VOLUME_PERMS

Security Notes

**CRITICAL VULNERABILITY**: The 'AUTH_SECURITY_AUDIT.md' report explicitly highlights a lack of rate limiting on authentication attempts, making the server vulnerable to brute-force attacks.

**MEDIUM RISKS**: Absence of IP binding for API keys (allowing stolen keys to be used from any IP) and lack of automatic API key rotation are noted.

While the project implements strong secure defaults for Kubernetes pods (runAsNonRoot, readOnlyRootFilesystem, dropped capabilities), input validation, command sanitization, and secrets masking in logs, the critical authentication weakness significantly lowers the overall security posture.

Example Keycloak configuration files contain hardcoded secrets (`mcp-hangar-secret`), which should be replaced with proper secret management in production deployments.

Stats

  • Interest Score: 40
  • Security Score: 4
  • Cost Class: Medium
  • Avg Tokens: 300
  • Stars: 7
  • Forks: 1
  • Last Update: 2026-01-19

Tags

  • AI/ML Infrastructure
  • LLM Tooling
  • Kubernetes
  • Observability
  • Provider Orchestration