governmcp
Verified Safeby serkan-uz
Overview
A control plane for Model Context Protocol (MCP) servers, enabling user and role management, MCP server registration, tool metadata, policy enforcement, capability token issuance, and comprehensive audit logging.
Installation
cd api && uvicorn main:app --reloadEnvironment Variables
- GOVERNMCP_SECRET
- GOVERNMCP_JWT_PRIVATE_KEY
- GOVERNMCP_JWT_PUBLIC_KEY
- DATABASE_URL
Security Notes
The server demonstrates good security practices such as using environment variables for critical secrets (Fernet key for encryption, JWT private/public keys), employing JWTs for capability tokens with a public JWKS endpoint for verification, and implementing comprehensive audit logging. It also includes a hardcoded block for 'delete' actions, regardless of policy. However, there are critical vulnerabilities if default configurations are used in production: 1) The API's `CORSMiddleware` is configured with `allow_origins=["*"]`, which is highly insecure for a production API handling user authentication. This should be restricted to known client origins. 2) The `docker-compose.yml` hardcodes default `POSTGRES_USER` and `POSTGRES_PASSWORD` (`governmcp:governmcp`), which poses a significant risk if deployed without overriding these credentials. While secrets are loaded from environment variables for keys, these defaults undermine that effort in a Docker setup.
Similar Servers
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
mcphub
An orchestration hub that aggregates, manages, and routes Model Context Protocol (MCP) servers and their tools, providing a centralized interface, user management, OAuth 2.0 authorization server capabilities, and AI-powered tool discovery and routing.
mesh
An open-source control plane for Model Context Protocol (MCP) traffic, providing unified authentication, routing, observability, and tool management for AI agents and integrations across various services.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.