mcp_server
Verified Safe by waalexan
Overview
This server provides an API for AI agents and LLMs to interact with web application functionality and retrieve content, adhering to the Model Context Protocol (MCP) using Next.js.
Installation
npm run dev
Environment Variables
- NEXT_PUBLIC_BASE_URL
- NODE_ENV
Security Notes
The codebase generally follows good security practices for a Next.js application. Input validation for registered tools is performed using Zod, mitigating common injection risks. User-provided data (`newValue.name` in `page.tsx`) is rendered within JSX, which automatically escapes string content, preventing Cross-Site Scripting (XSS) in that context. The `getHtmlFromPage` utility fetches content only from the application's own `baseURL`, reducing Server-Side Request Forgery (SSRF) risk. No direct use of `eval` or obvious obfuscation was found. The main security considerations would be the broader ecosystem's handling of the `text/html+skybridge` widget content and the trustworthiness of external LLM interactions.
Similar Servers
toolhive-cloud-ui
A UI for interacting with AI models via OpenRouter and managing/utilizing MCP (Model Context Protocol) servers and their tools from a centralized catalog.
carmenta
A heart-centered AI platform that unifies external services and internal AI agents into a single conversational interface, facilitating intelligent routing, personal knowledge management, and automated task execution.
mcp-gpt-proxy
Enhances existing Model Context Protocol (MCP) servers with OpenAI GPT Apps SDK UI widgets for ChatGPT without modifying the original server.
react-native-devtools-mcp
This server bridges React Native DevTools to AI assistants, enabling debugging, profiling, and inspection of React Native applications through the Model Context Protocol (MCP).