durable-mcp-python
by reboot-dev
Overview
A framework for building durable and fault-tolerant Model Context Protocol (MCP) servers in Python, enabling stateful operations and graceful recovery from disconnections or reboots.
Installation
rbt dev run --python --application=path/to/main.py --working-directory=. --no-generate-watchSecurity Notes
CRITICAL: The server uses `pickle.loads(request.message_bytes)` in `reboot/mcp/servicers/session.py` to deserialize client-provided data. Deserializing untrusted pickled data can lead to arbitrary code execution, making this a severe vulnerability if `message_bytes` originates directly from external, untrusted client input. While authentication is implemented, the `pickle.loads` operation itself from untrusted source is a fundamental risk.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
mcp-compose
This server provides a robust example of OAuth2 authentication for MCP (Model Context Protocol) servers, using GitHub as the identity provider. It demonstrates secure multi-server management, protocol translation, and integration with AI agents for tool invocation.
aiohttp-mcp
Builds Model Context Protocol (MCP) servers on top of the aiohttp web framework, enabling structured communication for AI agents and tools.