swagger-mcp-server
Verified Safeby seeeeeeong
Overview
An MCP (Model Context Protocol) server that enables Large Language Models (LLMs) to understand and interact with external APIs by providing structured access to Swagger/OpenAPI documentation.
Installation
./gradlew bootJar && java -jar build/libs/swagger-mcp-server-0.0.1-SNAPSHOT.jarEnvironment Variables
- OPENAI_API_KEY
Security Notes
The server fetches Swagger JSON from a configurable URL (`blog.api.url`) using RestTemplate. If this URL can be controlled by an attacker or points to an untrusted external source, it could lead to Server-Side Request Forgery (SSRF). The `getFullSwaggerJson` tool exposes the entire Swagger document, which might contain sensitive internal details if the server is exposed publicly and the Swagger specification is not filtered. Input validation is present for tool parameters, and there are no signs of 'eval', obfuscation, or hardcoded secrets (API keys are read from environment variables).
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
mcp-annotated-java-sdk
Annotation-driven framework for building Model Context Protocol (MCP) servers in Java, simplifying the definition and integration of resources, prompts, and tools for LLM applications.
infobip-openapi-mcp
Exposes any OpenAPI documented HTTP API as a Model Context Protocol (MCP) server for AI agents, with support for mock mode and authentication.