template-mcp-server
by pikkujs
Overview
Develop and deploy a Model Context Protocol (MCP) server that provides AI-compliant tools, resources, and prompts for managing a todo list application.
Installation
npx tsx src/start.tsSecurity Notes
The application contains a hardcoded JWT secret ('super-secret-jwt-key-change-in-production') which is a critical vulnerability for production deployments. A generic HTTP endpoint (`/rpc/:rpcName`) exposes RPC functions marked as 'exposed' without authentication (`auth: false`), requiring careful management of which functions are exposed. Furthermore, an internal remote RPC queue worker (`pikku-remote-internal-rpc`) explicitly notes a 'security risk' as it allows invoking any internal RPC by name (`rpc.invoke`) without further validation, which could be exploited if an attacker can inject messages into this queue.
Similar Servers
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
mcp-typescript-template
This project provides a foundational TypeScript template for developing remote Model Context Protocol (MCP) servers with robust tooling and best practices.
mcp
An MCP server providing a set of mathematical tools (calculator functions) for remote execution via the Model Context Protocol.
mcp_server
This server implements the Model Context Protocol (MCP) to expose developer-defined tools as a HTTP API, specifically demonstrating a task creation tool.