mcp-server
by nguyenmanmkt
Overview
A web-based Docker management platform for deploying, managing, and building custom AI tools (MCP servers) for integration with language models.
Installation
npm start
Environment Variables
- MCP_ENDPOINT
- GEMINI_API_KEY
- PERPLEXITY_API_KEY
Security Notes
CRITICAL: Multiple severe security vulnerabilities identified. User passwords are stored in plaintext in 'database.json'. The backend 'server.js' interacts directly with the Docker daemon socket, granting full control over the host's Docker environment via an API authenticated with plaintext credentials. The image build feature allows cloning arbitrary Git repositories and building Docker images, which is a critical Remote Code Execution (RCE) vulnerability if a malicious Dockerfile is provided. Furthermore, the 'calculator.py' MCP tool explicitly uses `eval(python_expression)` which is highly susceptible to RCE, even with attempts to limit scope. These combined issues make the system extremely vulnerable to unauthorized access, privilege escalation, and arbitrary code execution on the host.
Similar Servers
mcp-k8s-go
An MCP server enabling AI assistants and users to interact with and manage Kubernetes clusters by listing, getting, applying, and executing commands on Kubernetes resources.
toolhive-studio
ToolHive simplifies and secures the discovery, deployment, and management of Model Context Protocol (MCP) servers, enabling connections to AI agents and clients.
podman-mcp-server
Provides a Model Context Protocol (MCP) server interface for managing containers via Podman and Docker CLI commands.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.