toolsdk-mcp-registry
by toolsdk-ai
Overview
A unified registry and API gateway for discovering, managing, and executing Model Context Protocol (MCP) servers, supporting local and secure sandbox execution with OAuth 2.1 integration.
Installation
docker compose up -d
Environment Variables
- SANDOCK_API_KEY
- DAYTONA_API_KEY
- E2B_API_KEY
- MEILI_MASTER_KEY
- MCP_OAUTH_CLIENT_ID
- MCP_OAUTH_CLIENT_SECRET
Security Notes
The registry is designed to execute external MCP servers, which could be contributed by anyone. It attempts to isolate them in sandbox environments (Sandock, Daytona, E2B), but it explicitly falls back to 'LOCAL' execution when a sandbox fails, and for non-Node.js runtimes when a sandbox provider is in use. This fallback is a critical security risk: a malicious MCP server that ends up executing locally (e.g., due to sandbox misconfiguration or failure) could achieve arbitrary code execution on the host system. The `CONTRIBUTING.md` encourages open contributions, which increases the risk unless sandbox isolation is strictly enforced, with no local fallback for untrusted code. Hardcoded secrets are avoided in favor of environment variables.
Similar Servers
mcp-gateway-registry
This MCP server provides programmatic interaction with the MCP Gateway Registry API, enabling management of registered services and AI agents, including registration, toggling, health monitoring, group-based access control, and intelligent (semantic) discovery of tools and agents.
mcp-servers
Provides a curated collection of Model Context Protocol (MCP) server configurations to enable AI agents to interact with various developer tools and services.
agentor
Deploy scalable AI agents with tool integrations (weather, email, GitHub, etc.) and support for A2A and MCP communication protocols.
mcp-servers
An MCP server for fetching, cleaning, and intelligently extracting content from web pages, designed for agent-building frameworks.