policy-document-reader
by super12v
Overview
Provides an MCP server that enables AI agents to read and list security policy documents from various sources and formats for infrastructure security policy creation.
Installation
docker-compose up --buildEnvironment Variables
- SERVER_HOST
- SERVER_PORT
- LOG_LEVEL
- METRICS_ENABLED
- METRICS_PORT
- SECRET_PROVIDER
- SECRET_ENDPOINT
Security Notes
The server has critical security 'TODO's that make it unsafe for production deployment as-is. Specifically, the 'read_document' and 'list_documents' tools contain 'TODO: Integrate with Vault' and currently use `credentials = {}`, meaning remote access credentials are not actually fetched from Vault, rendering credential paths ineffective. Agent authentication from JWT is also a 'TODO' and defaults to a hardcoded 'agent_id'. CORS `allow_origins=["*"]` is configured, which is a risk in production environments if not restricted. While positive features like PII redaction, input validation, audit logging, and size limits are present, the incomplete critical integrations are a severe vulnerability.
Similar Servers
klavis
Develop and deploy AI agents that interact with a wide array of web services (e.g., Gmail, YouTube, LinkedIn, Supabase, Salesforce, Kubernetes) through a standardized Model Context Protocol (MCP), often orchestrated by an intelligent routing layer like Strata.
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
agentxsuite
A unified open-source platform for connecting, managing, and monitoring AI agents and tools across various Model Context Protocol (MCP) servers.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.