chromadb-remote-mcp
Verified Safeby meloncafe
Overview
Remotely connects AI assistants (like Claude) to a self-hosted ChromaDB instance for shared, persistent vector memory and semantic search.
Installation
docker compose up -dEnvironment Variables
- MCP_AUTH_TOKEN
Security Notes
The server demonstrates strong security practices, including explicit log sanitization to prevent log injection, timing-safe token comparison to mitigate timing attacks, robust origin header validation to prevent DNS rebinding, and comprehensive security headers (CSP, X-Frame-Options, HSTS). It uses environment variables for all secrets (`MCP_AUTH_TOKEN`, `CHROMA_AUTH_TOKEN`) and includes a rate limiter. The project explicitly states resolving all OWASP and CWE security findings. The primary area for caution noted by the project itself is the deprecated use of query parameters for authentication, which is enabled by default for compatibility but less secure than header-based methods.
Similar Servers
mcp-memory-keeper
Provides persistent context management for Claude AI coding assistants, ensuring work history, decisions, and progress are preserved across sessions and context limits.
claude-memory-mcp
Provides local, persistent, and token-aware memory for Claude Desktop and other MCP-compatible AI assistants.
claude-conversation-memory-mcp
Provides long-term memory for AI coding assistants by indexing conversation history with semantic search, decision tracking, and cross-project search.
vibes
Vibes transforms Claude Desktop into a conversational development environment through distributed MCP servers, allowing users to describe what they want to build and have Claude implement it while teaching them.