mcp-explorer
by monok8i
Overview
A web application for testing and exploring Model Context Protocol (MCP) servers by acting as an API gateway for tool execution.
Installation
docker-compose up --build
Environment Variables
- NEXT_PUBLIC_API_URL
Security Notes
CRITICAL SECURITY RISK: The `POST /mcp/stdio/connect` endpoint allows users to specify arbitrary `command`, `args`, and `env` parameters, which are directly used to spawn subprocesses on the backend server. This design choice enables Remote Code Execution (RCE) by anyone who can access the API. There is no authentication or authorization layer to restrict who can initiate these connections. Furthermore, the `CORSMiddleware` is configured with `allow_origins=['*']`, which is a significant security vulnerability in a production environment as it allows cross-origin requests from any source, potentially facilitating CSRF and other attacks. The entire application is unsafe to run if the backend API is exposed to untrusted networks or users. It should only be used in a highly controlled and isolated development environment.
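One way to close the gap described above, as an added example that is not mcp-explorer's own code: the client names a pre-approved server instead of sending `command` and `args`, the request must carry a token, and `env` is limited to an allowlist. The `server` field, the token scheme, the binary paths and every name below are assumptions constructed for illustration.

```python
import hmac

# Constructed policy (placeholder paths): the only MCP servers the operator
# has approved, keyed by the short name a client is allowed to request.
ALLOWED_SERVERS = {
    "time": ["/opt/mcp/bin/example-time-server"],
    "files": ["/opt/mcp/bin/example-files-server", "/srv/mcp-data"],
}
ALLOWED_ENV_KEYS = {"TZ", "LOG_LEVEL"}
# Explicit origin list to pass as CORSMiddleware's allow_origins instead of ['*'].
ALLOWED_ORIGINS = ["http://localhost:3000"]


class Rejected(Exception):
    """Raised when a connect request violates the policy."""


def build_spawn_spec(body, presented_token, expected_token):
    """Return (argv, env) for the subprocess call, or raise Rejected."""
    # Authenticate first; compare_digest avoids a timing side channel.
    if not presented_token or not hmac.compare_digest(
        presented_token.encode(), expected_token.encode()
    ):
        raise Rejected("missing or invalid API token")
    # The fields that made the original endpoint an RCE primitive are refused.
    for field in ("command", "args"):
        if field in body:
            raise Rejected(f"client-supplied '{field}' is not accepted")
    name = body.get("server")
    if not isinstance(name, str) or name not in ALLOWED_SERVERS:
        raise Rejected(f"server {name!r} is not on the allowlist")
    env = body.get("env") or {}
    if not isinstance(env, dict):
        raise Rejected("env must be an object")
    bad = sorted(k for k in env if k not in ALLOWED_ENV_KEYS)
    if bad:
        raise Rejected(f"env keys not permitted: {bad}")
    if not all(isinstance(v, str) and "\x00" not in v for v in env.values()):
        raise Rejected("env values must be NUL-free strings")
    # argv comes only from server-side config; pass it to subprocess as a
    # list (no shell) together with this minimal environment.
    return list(ALLOWED_SERVERS[name]), {"PATH": "/usr/bin:/bin", **env}
```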
Similar Servers
planet-mcp
A Python-based project or service, likely related to development or build automation, given the tooling present.
mcp-boilerplate-node
This boilerplate provides common code for creating a Model Context Protocol (MCP) server in Node.js, focusing on integrating 'skills' (modular agent capabilities) as tools and resources for LLM agents.
mcp-servers
A foundational Python project providing basic components and utilities for building modular server-like applications.
mcp-repo-onboarding
Analyzes local Python and Node.js repositories to generate and maintain practical ONBOARDING.md documentation.