mcp-handler
Verified Safeby vercel
Overview
Provides a Vercel adapter for the Model Context Protocol (MCP), enabling real-time communication between applications and AI models through Next.js or Nuxt.
Installation
npm run devEnvironment Variables
- REDIS_URL
- KV_URL
Security Notes
The code correctly handles proxy headers (X-Forwarded-Host, X-Forwarded-Proto, Forwarded) to prevent URL spoofing and ensure accurate public-facing URLs. It implements Bearer token authentication following MCP Authorization Specification, including checks for required tokens, scopes, and token expiration, and returns appropriate WWW-Authenticate headers. Explicit CORS headers are set for OAuth metadata endpoints. For Server-Sent Events (SSE), it integrates with Redis for messaging, relying on secure external configuration of the Redis URL via environment variables. Comprehensive cleanup logic for SSE connections helps prevent resource leaks and potential denial-of-service issues. No instances of 'eval', code obfuscation, hardcoded secrets, or overtly malicious patterns were identified. Security heavily depends on the secure configuration of its host environment (e.g., Next.js/Nuxt) and Redis.
Similar Servers
nuxt-mcp-dev
This server provides development context and real-time insights from Vite/Nuxt applications to AI models via a Model Context Protocol (MCP) server.
mcp-toolkit
Develop a Model Context Protocol (MCP) server directly within a Nuxt application, allowing AI agents to interact with application functionalities, access data, and utilize predefined prompts.
toolhive-cloud-ui
A UI for interacting with AI models via OpenRouter and managing/utilizing MCP (Model Context Protocol) servers and their tools from a centralized catalog.
ai-sdk-provider-claude-code
Provides a Vercel AI SDK integration for Claude models, specifically designed to enable universal tool support by translating AI SDK tools to Claude Code's XML format, eliminating the need for separate MCP servers.