toolhive-registry-server
Verified Safeby stacklok
Overview
The ToolHive Registry Server acts as a central metadata hub for enterprises to curate, discover, and govern Model Context Protocol (MCP) servers, providing a unified catalog from various sources with built-in security and auditability.
Installation
thv-registry-api serve --config examples/config-git.yamlEnvironment Variables
- LOG_LEVEL
- THV_DATABASE_PASSWORD
- THV_DATABASE_MIGRATION_PASSWORD
- PGPASSFILE
- PGHOST
- PGPORT
- PGDATABASE
- PGUSER
Security Notes
The server demonstrates a strong focus on security, with OAuth/OIDC authentication enabled by default and extensive documentation on secure configuration (e.g., `sslMode: verify-full`, `pgpass` files for database credentials, two-user database security model). It also has a clear `SECURITY.md` policy for vulnerability reporting. While `docker/postgres-init.sh` contains hardcoded passwords for `app_password` and `migration_password`, this is within an initialization script for initial setup and explicitly advises using a `pgpass` file for password management, which mitigates the risk for production environments. The project uses `sqlc` for database interaction, which helps prevent SQL injection vulnerabilities.
Similar Servers
registry
The MCP registry provides MCP clients with a list of MCP servers, acting as an app store for MCP servers by cataloging their metadata.
Unla
A lightweight and highly available gateway service that converts existing MCP Servers and APIs into services compliant with the MCP Protocol through configuration.
tmcp
Build Model Context Protocol (MCP) servers for AI agents, providing schema-agnostic tools, resources, and prompts, with optional OAuth 2.1 authentication and distributed session management.
mcp-registry
This repository serves as a centralized, community-maintained registry for Model Context Protocol (MCP) servers, providing structured installation configurations to facilitate discovery and integration for MCP clients and hubs.