Letta-MCP-server
Verified Safeby oculairmedia
Overview
A Model Context Protocol (MCP) server that provides comprehensive tools for agent management, memory operations, and integration with the Letta system.
Installation
npx letta-mcp --httpEnvironment Variables
- LETTA_BASE_URL
- LETTA_PASSWORD
- PORT
- NODE_ENV
- XBACKBONE_URL
- XBACKBONE_TOKEN
Security Notes
The server acts as a proxy for the Letta API. Core security risks related to user-provided code execution (e.g., in `upload_tool`) are primarily handled by the Letta backend, not this MCP server directly. The HTTP transport includes origin validation (CORS) to prevent certain web-based attacks. However, there are potential local file system interaction risks in `export_agent` and `import_agent` if an attacker can manipulate file paths (e.g., directory traversal), though `path.resolve` mitigates some of this. The `export_agent` tool also supports uploading to a configurable XBackbone URL, which could introduce SSRF vulnerabilities if the `xbackbone_url` argument is not strictly controlled by environment variables and can be influenced by a malicious client. `LETTA_PASSWORD` is correctly handled as an environment variable.
Similar Servers
agentor
Build and deploy scalable AI agents that can interact with various tools and communicate via A2A and MCP protocols.
ncp
NCP acts as a universal adapter and orchestrator for Model Context Protocol (MCP) servers and tools. It provides a unified interface for discovery, execution, and management of diverse tools (local CLI, HTTP APIs, internal plugins/Photons, AI skills) through natural language and structured code interaction, enabling AI agents to interact with the broader digital ecosystem.
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
mmcp
Manages Model Context Protocol (MCP) server definitions in a central configuration and applies them to various AI agent tools.