bifrost
by maximhq
Overview
A high-performance AI gateway with a unified interface for multiple providers, offering real-time monitoring, configuration management, and comprehensive observability for AI infrastructure.
Installation
npx bifrostEnvironment Variables
- BIFROST_ENCRYPTION_KEY
- BIFROST_HOST
- BIFROST_MODEL_CATALOG_URL
- MAXIM_LOG_REPO_ID
- OPENAI_API_KEY
- ANTHROPIC_API_KEY
- AZURE_DEPLOYMENTS
- VERTEX_AUTH_CREDENTIALS
- BEDROCK_ACCESS_KEY
- POSTGRES_USERNAME
- POSTGRES_PASSWORD
- POSTGRES_HOST
- POSTGRES_DATABASE
- REDIS_USERNAME
- REDIS_PASSWORD
- REDIS_HOST
- REDIS_PORT
- QDRANT_API_KEY
- QDRANT_HOST
- QDRANT_USE_TLS
- WEAVIATE_API_KEY
- WEAVIATE_HOST
- OTEL_COLLECTOR_URL
- MCP_SERVER_URL
Security Notes
Critical security risks include an empty default 'bifrost.encryptionKey' in Helm charts, which if not configured, leaves sensitive data (like AI provider API keys) unencrypted. Default PostgreSQL database credentials ('bifrost_password') also pose a risk if not changed. The system supports dynamic plugin loading from file paths or HTTP/HTTPS URLs, which introduces potential vulnerabilities if untrusted plugins are used or if sandboxing is insufficient. While the UI uses environment variables for sensitive data, the backend's storage and handling without a robust encryption key are concerning.
Similar Servers
klavis
Creates an AI agent that uses Klavis Strata to interact with Gmail and YouTube through MCP, demonstrating how to summarize a YouTube video and email the summary.
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers for integration with LLM agents and other applications.
mcp-context-forge
A comprehensive Model Context Protocol (MCP) gateway and proxy that unifies REST, MCP, and A2A services, providing features like federation, virtual servers, rate-limiting, security, and an optional admin UI for managing web content and file conversions to markdown.
lunar
A Model Context Protocol (MCP) server that acts as a control plane for AI agents and tools, providing management, access control, and observability for AI API calls.