restapi_mcp_server
by rahgadda
Overview
Enable LLMs to perform REST API calls by providing a Model Context Protocol (MCP) server that orchestrates HTTP requests and manages session/environment variables.
Installation
docker run --name restapi-mcp-server -p 9090:9090 -p 8765:8765 -v "./storage:/app/storage" -v "./logs:/app/logs" ghcr.io/rahgadda/restapi_mcp_server:0.0.1Environment Variables
- DEBUG
- HOST
- API_PORT
- MCP_API_PORT
- LOG_LEVEL
- STORAGE
- HTTP_PROXY
- HTTPS_PROXY
- NO_PROXY
- DEFAULT_HTTP_TIMEOUT
- UVICORN_RELOAD
- ENABLE_ERROR_LOG_MW
Security Notes
The `createRestAPICall` tool allows an LLM to specify an arbitrary URL (via the `url` parameter) for an HTTP request without any explicit URL validation, allow-listing, or sanitization. This is a significant Server-Side Request Forgery (SSRF) vulnerability. If the server is deployed in an environment with access to internal networks, a malicious or confused LLM prompt could lead to unauthorized access to internal services. Additionally, data is persisted to local CSV files (`environment.csv`, `transaction.csv`), which is not robust against concurrent access, data corruption, or secure storage requirements. No hardcoded secrets were found in the application source code.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.