mcp
by zuplo
Overview
An MCP server providing a set of mathematical tools (calculator functions) for remote execution via the Model Context Protocol.
Installation
npm install && npm run build && npm run startSecurity Notes
The `HTTPStreamableTransport`'s `isValidOrigin` method currently returns `true` unconditionally, which is explicitly called out in the source code as a DNS rebinding vulnerability: 'Servers MUST validate the Origin header on all incoming connections to prevent DNS rebinding attacks'. This default behavior makes the server highly unsafe for public deployment without explicit origin validation configuration by the user. There's also a TODO to check request size, which could be a DoS vector for large JSON payloads. Otherwise, input validation for tools relies on Zod or custom validators, and tool handlers themselves seem to include basic error checks (e.g., division by zero, factorial limits), which is good.
Similar Servers
boilerplate-mcp-server
Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.
mcp-typescript-template
This project provides a foundational TypeScript template for developing remote Model Context Protocol (MCP) servers with robust tooling and best practices.
leanmcp-sdk
Building production-ready Model Context Protocol (MCP) servers with TypeScript, supporting features like authentication, elicitation, and UI integration for AI agents.
photon
A multi-tenant platform for hosting and executing AI/ML "Photons" (modular tools/services) with robust authentication, session management, and OAuth capabilities, supporting various data stores.