web-search-mcp
by schwarztim
Overview
Provides web search and page content fetching capabilities using DuckDuckGo for LLM proxies via the Model Context Protocol.
Installation
node dist/index.jsSecurity Notes
The `fetch_page` tool allows fetching arbitrary user-provided URLs. This introduces a significant Server-Side Request Forgery (SSRF) risk, enabling potential access to internal network resources, port scanning, or DoS attacks if the server is not deployed in a strictly isolated environment with egress filtering. Although there is a 10-second timeout on requests, it does not mitigate the core SSRF vulnerability. The HTML scraping for search results is robust enough but relies on regex, which can be brittle to changes in DuckDuckGo's HTML structure. No 'eval' or hardcoded secrets were found.
Similar Servers
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
mcp-local-rag
Provides a local, RAG-like web search tool for Large Language Models to retrieve current information and context.
kindly-web-search-mcp-server
Provides web search with robust, LLM-optimized content retrieval from various sources (StackExchange, GitHub, Wikipedia, arXiv, and general webpages) for AI coding assistants.
mcp-tavily
Provides AI-powered web search, answer generation, and news search capabilities to LLMs via the Tavily API for research, fact-finding, and gathering detailed information.