http_mcp
Verified Safeby yeison-liscano
Overview
Implements a lightweight server for the Model Context Protocol (MCP) over HTTP and STDIO, allowing exposure of Python functions as discoverable and executable remote tools and prompts.
Installation
python tests/app/main.pyEnvironment Variables
- AUTHORIZATION_TOKEN
Security Notes
The server uses Pydantic for robust data validation and serialization of JSON-RPC messages, mitigating common injection and malformed request vulnerabilities. It supports scope-based authorization via Starlette's authentication system, providing a strong access control mechanism. No direct use of dangerous functions like 'eval' or 'exec' was found. HTTP message size limits are enforced. The STDIO transport constructs a dummy request object with controlled headers, preventing direct user-supplied header injection. Overall, the design prioritizes secure handling of inputs and outputs within the MCP specification.
Similar Servers
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.
atlantis-mcp-server
An MCP (Model Context Protocol) server for hosting and managing dynamic Python functions and third-party MCP tools, enabling AI agents to discover and utilize shared capabilities across a network.
mcp_server
This server template provides a foundation for building Model Context Protocol (MCP) servers to integrate with AI assistants and other MCP clients, offering tools for GitHub, Microsoft Graph, weather data, and JWT decoding.