http_mcp
Verified Safeby yeison-liscano
Overview
This server implements the Model Context Protocol (MCP) to expose Python functions as discoverable and executable tools and prompts over HTTP or STDIO for AI assistant integration.
Installation
python tests/app/main.pyEnvironment Variables
- AUTHORIZATION_TOKEN
Security Notes
The server uses Pydantic for robust data validation of JSON-RPC messages and tool/prompt arguments, which significantly mitigates injection risks. It sets a maximum message size (4MB) for HTTP requests to prevent large payload attacks and implements comprehensive error handling for malformed requests. Authorization is supported through Starlette's scope-based system, delegating actual authentication to external middleware. No 'eval' or obvious obfuscation was found. While the framework provides a secure base, the overall security depends on the implementation of user-defined tools/prompts and the chosen authentication backend.
Similar Servers
tmcp
Build Model Context Protocol (MCP) servers for AI agents, providing schema-agnostic tools, resources, and prompts, with optional OAuth 2.1 authentication and distributed session management.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.
atlantis-mcp-server
Provides a local Model Context Protocol (MCP) server for dynamically hosting and managing Python functions and third-party MCP servers, primarily for AI agent interaction, with optional cloud integration.
qtmcp
Provides a Model Context Protocol (MCP) server framework for AI applications, offering tool, resource, and prompt services via HTTP.