MCPJungle
Verified Safeby mcpjungle
Overview
A self-hosted gateway and registry for Model Context Protocol (MCP) servers, allowing AI agents to discover and consume tools from a central location.
Installation
curl -O https://raw.githubusercontent.com/mcpjungle/MCPJungle/refs/heads/main/docker-compose.yaml && docker compose up -dEnvironment Variables
- PORT
- DATABASE_URL
- SERVER_MODE
- OTEL_ENABLED
- OTEL_RESOURCE_ATTRIBUTES
- MCP_SERVER_INIT_REQ_TIMEOUT_SEC
- POSTGRES_HOST
- POSTGRES_PORT
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_DB
- POSTGRES_HOST_FILE
- POSTGRES_PORT_FILE
- POSTGRES_USER_FILE
- POSTGRES_PASSWORD_FILE
- POSTGRES_DB_FILE
Security Notes
The server includes robust authentication and authorization mechanisms for enterprise mode (admin/user roles, client access tokens). It uses `crypto/rand` for secure access token generation. The primary security concern lies with the STDIO transport for MCP servers, which allows executing arbitrary commands (e.g., `npx`, `uvx`) on the host machine. While in enterprise mode, registration requires admin privileges, in development mode, an unauthenticated user with network access could potentially register a malicious STDIO server, leading to Remote Code Execution (RCE) on the host. Production deployments should enforce strong network segmentation and strictly control who can register STDIO servers, and avoid mounting host filesystems as read-write volumes. The project's documentation acknowledges these risks.
Similar Servers
klavis
Creates an AI agent that uses Klavis Strata to interact with Gmail and YouTube through MCP, demonstrating how to summarize a YouTube video and email the summary.
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-context-forge
Retrieves web content and files from URLs, then converts them into high-quality Markdown format, supporting various content types and conversion engines.
mcphub
The MCPHub acts as a centralized gateway for managing and orchestrating various Model Context Protocol (MCP) servers and OpenAPI-compatible services. It provides a unified API, OAuth 2.0 authorization, user management, and AI-powered 'smart routing' for dynamic tool discovery and invocation.