mcp-registry
Verified Safeby ravitemer
Overview
This repository serves as a centralized, community-maintained registry for Model Context Protocol (MCP) servers, providing structured installation configurations to facilitate discovery and integration for MCP clients and hubs.
Installation
npm run buildEnvironment Variables
- GITHUB_TOKEN
- GITHUB_PAT
Security Notes
The registry codebase (scripts and schemas) is generally sound. It uses 'js-yaml.load' which can be risky with untrusted input; however, YAML files are part of the version-controlled repository, subject to PR review, and validated by a strict Zod schema, significantly mitigating this vulnerability by preventing unexpected fields. No 'eval', obfuscation, or hardcoded secrets are present within the registry's core logic. The 'enrich.js' script safely retrieves data from GitHub API. The potential for malicious commands within the 'config' field of server definitions is a risk for external MCP clients that execute these configurations, not the registry's own operations.
Similar Servers
awesome-mcp-servers
This repository serves as a curated directory for discovering a wide range of Model Context Protocol (MCP) servers, designed to extend AI capabilities by enabling interaction with local and remote resources.
registry
The MCP registry provides MCP clients with a list of MCP servers, acting as an app store for MCP servers by cataloging their metadata.
mcpm.sh
This server provides a command-line interface to manage Model Context Protocol (MCP) servers, allowing users to discover, install, configure, run, share, and monitor them.
registry
This repository serves as a centralized registry and validation framework for biomedical Model Context Protocol (MCP) servers, enhancing their discoverability and ensuring metadata compliance for an AI-driven ecosystem.