mcp-for-beginners
by microsoft
Overview
Building custom Model Context Protocol (MCP) servers for AI agent development, including weather data retrieval and GitHub repository automation.
Installation
PORT=3001 python src/__init__.py sseEnvironment Variables
- LOG_LEVEL
- PORT
- AZURE_OPENAI_CHAT_DEPLOYMENT_NAME
- AZURE_OPENAI_API_KEY
- AZURE_OPENAI_ENDPOINT
- AZURE_OPENAI_API_VERSION
- GITHUB_TOKEN
Security Notes
The server includes tools that execute system commands (`git clone`, `open_in_vscode`) based on user input. Specifically, the `open_in_vscode` tool on Windows uses `subprocess.run` with `shell=True` which is a critical security vulnerability if the `folder_path` contains malicious shell metacharacters, potentially leading to arbitrary code execution. There is no explicit input validation for URL formats or paths within the `git_clone_repo` and `open_in_vscode` tools themselves, relying on external command failures, which is not robust enough for untrusted inputs. However, no hardcoded secrets or direct `eval` calls were found in the provided server code snippets.
Similar Servers
mcp-python-starter
A feature-complete Model Context Protocol (MCP) server template in Python for developing AI applications and agents.
mcp-go-starter
A feature-complete Model Context Protocol (MCP) server template in Go demonstrating tools, resources, and prompts for AI agent interaction.
mcp-for-beginners
Demonstrates building custom Model Context Protocol (MCP) servers for various tasks like weather data retrieval, GitHub repository management, and integrating them with AI models via AI Toolkit and VS Code for enhanced developer workflows and study plan generation.
mcp-server-course
A training course and framework for building Model Context Protocol (MCP) servers that enable AI assistants to interact with external tools, resources, and data sources.