The Crossroads for AI Data Exchanges A unified MCP hub that gives your AI Knowledge , Memory , and Tools — not just a proxy. Manage and test all MCP servers from a single connection while powering document-aware and memory-augmented workflows across clients. The plugged.in MCP Proxy Server is a powerful middleware that aggregates multiple Model Context Protocol (MCP) servers into a single unified
Add this skill
npx mdskills install VeriTeknik/pluggedin-mcp-proxyComprehensive MCP proxy hub with RAG, memory, and multi-server aggregation capabilities
1# plugged.in MCP Hub — Proxy · Knowledge · Memory · Tools23<div align="center">4 <img src="https://plugged.in/_next/image?url=%2Fpluggedin-wl.png&w=256&q=75" alt="plugged.in Logo" width="256" height="75">5 <h3>The Crossroads for AI Data Exchanges</h3>6 <p>A unified MCP hub that gives your AI <strong>Knowledge</strong>, <strong>Memory</strong>, and <strong>Tools</strong> — not just a proxy. Manage and test all MCP servers from a single connection while powering document-aware and memory-augmented workflows across clients.</p>78 [](https://smithery.ai/server/@VeriTeknik/pluggedin-mcp)9 [](https://github.com/VeriTeknik/pluggedin-mcp/releases)10 [](https://github.com/VeriTeknik/pluggedin-mcp/stargazers)11 [](LICENSE)12 [](https://www.typescriptlang.org/)13 [](https://modelcontextprotocol.io/)14 [](https://lobehub.com/mcp/veriteknik-pluggedin-mcp)15</div>1617## 📋 Overview1819The plugged.in MCP Proxy Server is a powerful middleware that aggregates multiple Model Context Protocol (MCP) servers into a single unified interface. It fetches tool, prompt, and resource configurations from the [plugged.in App](https://github.com/VeriTeknik/pluggedin-app) and intelligently routes requests to the appropriate underlying MCP servers.2021This proxy enables seamless integration with any MCP client (Claude, Cline, Cursor, etc.) while providing advanced management capabilities through the plugged.in ecosystem.2223## Hub Pillars: Knowledge · Memory · Tools · Proxy2425**Knowledge (RAG v2 / AI Document Exchange)**26Search and ground model outputs with unified, attribution‑aware document retrieval. MCP servers can create and manage documents in your library with versioning, visibility controls, and model attribution. Use the built‑in RAG to search across all connected sources and return relevant snippets and metadata.2728**Memory (Persistent AI Memory)**29Long‑lived, workspace/profile‑scoped memory that survives sessions. The hub integrates with the plugged.in App's persistent memory so agent actions and insights can be stored and recalled across tasks. Built‑in memory tools are on the roadmap to expose low‑friction `get/put/search` patterns under the same auth model.3031**Tools**32Aggregate built‑in capabilities with downstream MCP servers (STDIO, SSE, Streamable HTTP). Tool discovery is cached and can be refreshed on demand; hub‑level discovery returns a unified catalog for any MCP client. The hub supports tools, resources, resource templates, and prompts.3334**Proxy**35One connection for every client. Run as STDIO (default) or Streamable HTTP with optional API auth and stateless mode. Works with Claude Desktop, Cline, Cursor, MCP Inspector, and more; keep your existing client configs while centralizing policies and telemetry.3637> ⭐ **If you find this project useful, please consider giving it a star on GitHub!** It helps us reach more developers and motivates us to keep improving.3839## ✨ Key Features4041### 🚀 Core Capabilities42- **Built-in AI Playground**: Test your MCPs instantly with Claude, Gemini, OpenAI, and xAI without any client setup43- **Universal MCP Compatibility**: Works with any MCP client including Claude Desktop, Cline, and Cursor44- **Multi-Server Support**: Connect to STDIO, SSE, and Streamable HTTP MCP servers45- **Dual Transport Modes**: Run proxy as STDIO (default) or Streamable HTTP server46- **Unified Document Search**: Search across all connected servers with built-in RAG capabilities47- **AI Document Exchange (RAG v2)**: MCP servers can create and manage documents in your library with full attribution48- **Notifications from Any Model**: Receive real-time notifications with optional email delivery49- **Multi-Workspace Layer**: Switch between different sets of MCP configurations with one click50- **API-Driven Proxy**: Fetches capabilities from plugged.in App APIs rather than direct discovery51- **Full MCP Support**: Handles tools, resources, resource templates, and prompts52- **Custom Instructions**: Supports server-specific instructions formatted as MCP prompts5354### 🎯 New in v1.5.0 (RAG v2 - AI Document Exchange)5556- **AI Document Creation**: MCP servers can now create documents directly in your library57 - Full model attribution tracking (which AI created/updated the document)58 - Version history with change tracking59 - Content deduplication via SHA-256 hashing60 - Support for multiple formats: MD, TXT, JSON, HTML, PDF, and more61- **Advanced Document Search**: Enhanced RAG queries with AI filtering62 - Filter by AI model, provider, date range, tags, and source type63 - Semantic search with relevance scoring64 - Automatic snippet generation with keyword highlighting65 - Support for filtering: `ai_generated`, `upload`, or `api` sources66- **Document Management via MCP**:67 - Set document visibility: private, workspace, or public68 - Parent-child relationships for document versions69 - Profile-based organization alongside project-based scoping70 - Real-time progress tracking for document processing7172### 🎯 Features from v1.4.0 (Registry v2 Support)7374- **OAuth Token Management**: Seamless OAuth authentication handling for Streamable HTTP MCP servers75 - Automatic token retrieval from plugged.in App76 - Secure token storage and refresh mechanisms77 - No client-side authentication needed78- **Enhanced Notification System**: Bidirectional notification support79 - Send notifications to plugged.in App80 - Receive notifications from MCP servers81 - Mark notifications as read/unread82 - Delete notifications programmatically83- **Trending Analytics**: Real-time activity tracking84 - Every tool call is logged and tracked85 - Contributes to trending server calculations86 - Usage metrics and popularity insights87- **Registry Integration**: Full support for Registry v2 features88 - Automatic server discovery from registry89 - Installation tracking and metrics90 - Community server support9192### 📦 Features from v1.1.09394- **Streamable HTTP Support**: Full support for downstream MCP servers using Streamable HTTP transport95- **HTTP Server Mode**: Run the proxy as an HTTP server with configurable ports96- **Flexible Authentication**: Optional Bearer token authentication for HTTP endpoints97- **Session Management**: Choose between stateful (session-based) or stateless operation modes9899### 🎯 Core Features from v1.0.0100101- **Real-Time Notifications**: Track all MCP activities with comprehensive notification support102- **RAG Integration**: Support for document-enhanced queries through the plugged.in App103- **Inspector Scripts**: Automated testing tools for debugging and development104- **Health Monitoring**: Built-in ping endpoint for connection monitoring105106## 🔧 Tool Categories107108The proxy provides two distinct categories of tools:109110### 🔧 Static Built-in Tools (Always Available)111These tools are built into the proxy and work without any server configuration:112- **`pluggedin_discover_tools`** - Smart discovery with caching for instant results113- **`pluggedin_ask_knowledge_base`** - RAG search across your documents with AI filtering capabilities114- **`pluggedin_send_notification`** - Send notifications with optional email delivery115- **`pluggedin_create_document`** - Create AI-generated documents in your library116- **`pluggedin_list_documents`** - List documents with filtering options117- **`pluggedin_search_documents`** - Search for specific documents by query118- **`pluggedin_get_document`** - Retrieve a specific document's full content by ID119- **`pluggedin_update_document`** - Update or append to an existing document120121#### 📋 Clipboard Tools (Memory System)122123- **`pluggedin_clipboard_set`** - Set a clipboard entry by name (semantic key) or index124- **`pluggedin_clipboard_get`** - Get clipboard entries by name, index, or list all125- **`pluggedin_clipboard_delete`** - Delete clipboard entries by name, index, or clear all126- **`pluggedin_clipboard_list`** - List all clipboard entries with metadata127- **`pluggedin_clipboard_push`** - Push a value with auto-incrementing index (stack push)128- **`pluggedin_clipboard_pop`** - Pop the highest-indexed entry (LIFO behavior)129130### ⚡ Dynamic MCP Tools (From Connected Servers)131These tools come from your configured MCP servers and can be turned on/off:132- Database tools (PostgreSQL, SQLite, etc.)133- File system tools134- API integration tools135- Custom tools from any MCP server136137The discovery tool intelligently shows both categories, giving AI models immediate access to all available capabilities.138139### 🚀 Discovery Tool Usage140141```bash142# Quick discovery - returns cached data instantly143pluggedin_discover_tools()144145# Force refresh - shows current tools + runs background discovery146pluggedin_discover_tools({"force_refresh": true})147148# Discover specific server149pluggedin_discover_tools({"server_uuid": "uuid-here"})150```151152**Example Response:**153```154## 🔧 Static Built-in Tools (Always Available):1551. **pluggedin_discover_tools** - Smart discovery with caching1562. **pluggedin_rag_query** - RAG v2 search across documents with AI filtering1573. **pluggedin_send_notification** - Send notifications1584. **pluggedin_create_document** - (Coming Soon) Create AI-generated documents159160## ⚡ Dynamic MCP Tools (8) - From Connected Servers:1611. **query** - Run read-only SQL queries1622. **generate_random_integer** - Generate secure random integers163...164```165166### 📋 Clipboard Usage Examples167168The clipboard system provides persistent memory for AI workflows:169170```bash171# Store a named entry (upserts if exists)172pluggedin_clipboard_set({173 "name": "customer_context",174 "value": "{\"name\": \"John Doe\", \"account_id\": \"12345\"}",175 "contentType": "application/json"176})177178# Store an indexed entry for ordered pipelines179pluggedin_clipboard_set({180 "idx": 0,181 "value": "First pipeline step result",182 "createdByTool": "data_processor"183})184185# Push to stack (auto-incrementing index)186pluggedin_clipboard_push({187 "value": "Analysis result from step 1",188 "contentType": "text/plain"189})190191# Get a specific entry by name192pluggedin_clipboard_get({"name": "customer_context"})193194# Pop from stack (LIFO - returns and removes highest index)195pluggedin_clipboard_pop()196197# List all entries with metadata198pluggedin_clipboard_list({"limit": 20})199200# Delete specific entry201pluggedin_clipboard_delete({"name": "customer_context"})202203# Clear all clipboard entries204pluggedin_clipboard_delete({"clearAll": true})205```206207### 📚 RAG v2 Usage Examples208209The enhanced RAG v2 system allows MCP servers to create and search documents with full AI attribution:210211```bash212# Search for documents created by specific AI models213pluggedin_rag_query({214 "query": "system architecture",215 "filters": {216 "modelName": "Claude 3 Opus",217 "source": "ai_generated",218 "tags": ["technical"]219 }220})221222# Search across all document sources223pluggedin_rag_query({224 "query": "deployment guide",225 "filters": {226 "dateFrom": "2024-01-01",227 "visibility": "workspace"228 }229})230231# Future: Create AI-generated documents (Coming Soon)232pluggedin_create_document({233 "title": "Analysis Report",234 "content": "# Market Analysis\n\nDetailed findings...",235 "format": "md",236 "tags": ["analysis", "market"],237 "metadata": {238 "model": {239 "name": "Claude 3 Opus",240 "provider": "Anthropic"241 }242 }243})244```245246## 🚀 Quick Start247248### Prerequisites249250- Node.js 18+ (recommended v20+)251- An API key from the plugged.in App (get one at [plugged.in/api-keys](https://plugged.in/api-keys))252253### Installation254255```bash256# Install and run with npx (latest v1.0.0)257npx -y @pluggedin/pluggedin-mcp-proxy@latest --pluggedin-api-key YOUR_API_KEY258```259260### 🔄 Upgrading to v1.0.0261262For existing installations, see our [Migration Guide](./MIGRATION_GUIDE_v1.0.0.md) for detailed upgrade instructions.263264```bash265# Quick upgrade266npx -y @pluggedin/pluggedin-mcp-proxy@1.0.0 --pluggedin-api-key YOUR_API_KEY267```268269### Configuration for MCP Clients270271#### Claude Desktop272273Add the following to your Claude Desktop configuration:274275```json276{277 "mcpServers": {278 "pluggedin": {279 "command": "npx",280 "args": ["-y", "@pluggedin/pluggedin-mcp-proxy@latest"],281 "env": {282 "PLUGGEDIN_API_KEY": "YOUR_API_KEY"283 }284 }285 }286}287```288289#### Cline290291Add the following to your Cline configuration:292293```json294{295 "mcpServers": {296 "pluggedin": {297 "command": "npx",298 "args": ["-y", "@pluggedin/pluggedin-mcp-proxy@latest"],299 "env": {300 "PLUGGEDIN_API_KEY": "YOUR_API_KEY"301 }302 }303 }304}305```306307#### Cursor308309For Cursor, you can use command-line arguments instead of environment variables:310311```bash312npx -y @pluggedin/pluggedin-mcp-proxy@latest --pluggedin-api-key YOUR_API_KEY313```314315## ⚙️ Configuration Options316317### Environment Variables318319| Variable | Description | Required | Default |320|----------|-------------|----------|---------|321| `PLUGGEDIN_API_KEY` | API key from plugged.in App | Yes | - |322| `PLUGGEDIN_API_BASE_URL` | Base URL for plugged.in App | No | `https://plugged.in` |323324### Command Line Arguments325326Command line arguments take precedence over environment variables:327328```bash329npx -y @pluggedin/pluggedin-mcp-proxy@latest --pluggedin-api-key YOUR_API_KEY --pluggedin-api-base-url https://your-custom-url.com330```331332#### Transport Options333334| Option | Description | Default |335|--------|-------------|---------|336| `--transport <type>` | Transport type: `stdio` or `streamable-http` | `stdio` |337| `--port <number>` | Port for Streamable HTTP server | `12006` |338| `--stateless` | Enable stateless mode for Streamable HTTP | `false` |339| `--require-api-auth` | Require API key for Streamable HTTP requests | `false` |340341For a complete list of options:342343```bash344npx -y @pluggedin/pluggedin-mcp-proxy@latest --help345```346347## 🌐 Streamable HTTP Mode348349The proxy can run as an HTTP server instead of STDIO, enabling web-based access and remote connections.350351### Basic Usage352353```bash354# Run as HTTP server on default port (12006)355npx -y @pluggedin/pluggedin-mcp-proxy@latest --transport streamable-http --pluggedin-api-key YOUR_API_KEY356357# Custom port358npx -y @pluggedin/pluggedin-mcp-proxy@latest --transport streamable-http --port 8080 --pluggedin-api-key YOUR_API_KEY359360# With authentication required361npx -y @pluggedin/pluggedin-mcp-proxy@latest --transport streamable-http --require-api-auth --pluggedin-api-key YOUR_API_KEY362363# Stateless mode (new session per request)364npx -y @pluggedin/pluggedin-mcp-proxy@latest --transport streamable-http --stateless --pluggedin-api-key YOUR_API_KEY365```366367### HTTP Endpoints368369- `POST /mcp` - Send MCP messages370- `GET /mcp` - Server-sent events stream (optional)371- `DELETE /mcp` - Terminate session372- `GET /health` - Health check endpoint373374### Session Management375376In stateful mode (default), use the `mcp-session-id` header to maintain sessions:377378```bash379# First request creates a session380curl -X POST http://localhost:12006/mcp \381 -H "Content-Type: application/json" \382 -H "Accept: application/json, text/event-stream" \383 -d '{"jsonrpc":"2.0","method":"tools/list","id":1}'384385# Subsequent requests use the same session386curl -X POST http://localhost:12006/mcp \387 -H "Content-Type: application/json" \388 -H "Accept: application/json, text/event-stream" \389 -H "mcp-session-id: YOUR_SESSION_ID" \390 -d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"tool_name"},"id":2}'391```392393### Authentication394395When using `--require-api-auth`, include your API key as a Bearer token:396397```bash398curl -X POST http://localhost:12006/mcp \399 -H "Authorization: Bearer YOUR_API_KEY" \400 -H "Content-Type: application/json" \401 -H "Accept: application/json, text/event-stream" \402 -d '{"jsonrpc":"2.0","method":"ping","id":1}'403```404405## 🐳 Docker Usage406407You can also build and run the proxy server using Docker.408409### Building the Image410411Ensure you have Docker installed and running. Navigate to the `pluggedin-mcp` directory and run:412413```bash414docker build -t pluggedin-mcp-proxy:latest .415```416417A `.dockerignore` file is included to optimize the build context.418419### Running the Container420421#### STDIO Mode (Default)422423Run the container in STDIO mode for MCP Inspector testing:424425```bash426docker run -it --rm \427 -e PLUGGEDIN_API_KEY="YOUR_API_KEY" \428 -e PLUGGEDIN_API_BASE_URL="YOUR_API_BASE_URL" \429 --name pluggedin-mcp-container \430 pluggedin-mcp-proxy:latest431```432433#### Streamable HTTP Mode434435Run the container as an HTTP server:436437```bash438docker run -d --rm \439 -e PLUGGEDIN_API_KEY="YOUR_API_KEY" \440 -e PLUGGEDIN_API_BASE_URL="YOUR_API_BASE_URL" \441 -p 12006:12006 \442 --name pluggedin-mcp-http \443 pluggedin-mcp-proxy:latest \444 --transport streamable-http --port 12006445```446447Replace `YOUR_API_KEY` and `YOUR_API_BASE_URL` (if not using the default `https://plugged.in`).448449### Testing with MCP Inspector450451While the container is running, you can connect to it using the MCP Inspector:452453```bash454npx @modelcontextprotocol/inspector docker://pluggedin-mcp-container455```456457This will connect to the standard input/output of the running container.458459### Stopping the Container460461Press `Ctrl+C` in the terminal where `docker run` is executing. The `--rm` flag ensures the container is removed automatically upon stopping.462463## ☁️ Smithery Cloud Deployment464465Deploy the plugged.in MCP Proxy to [Smithery Cloud](https://smithery.ai) for hosted, always-available access to your MCP servers.466467### Quick Start4684691. Visit [smithery.ai](https://smithery.ai) and sign in4702. Connect your GitHub account and select the `pluggedin-mcp` repository4713. Configure your Plugged.in API key in the Smithery UI4724. Deploy and get your HTTPS endpoint473474### Benefits475476- **24/7 Availability**: Your proxy is always running477- **Zero Configuration**: Smithery auto-detects settings from `smithery.yaml`478- **Automatic Scaling**: Handle multiple concurrent connections479- **Web Access**: Perfect for web applications and remote clients480481### Documentation482483For complete deployment instructions, configuration options, troubleshooting, and technical details, see:484485**📖 [Smithery Deployment Guide](docs/SMITHERY_DEPLOYMENT.md)**486487## Autonomous Agents (Preview)488489The hub is designed to support agentic loops end‑to‑end:490491```492MCP Client → plugged.in MCP Hub → (Plan → Act → Reflect)493 ↘ Knowledge ↘ Memory ↘ Tools494```495496- Plan — derive goals and constraints, form task graphs.497- Act — call tools from the unified catalog; route safely across STDIO/SSE/HTTP servers.498- Reflect — persist outcomes into Memory and Knowledge (documents, notes, artifacts) to improve subsequent steps.499500**Safety & Ops**501Enable `--require-api-auth` in Streamable HTTP mode; use allowlists for commands, arguments, and env. Combine server‑level validation with client‑side prompts hardened against prompt‑injection. Leverage existing logging/telemetry to track tool usage and document mutations.502503## 🏗️ System Architecture504505The plugged.in MCP Proxy Server acts as a bridge between MCP clients and multiple underlying MCP servers:506507```mermaid508sequenceDiagram509 participant MCPClient as MCP Client (e.g. Claude Desktop)510 participant PluggedinMCP as plugged.in MCP Proxy511 participant PluggedinApp as plugged.in App512 participant MCPServers as Underlying MCP Servers513514 MCPClient ->> PluggedinMCP: Request list tools/resources/prompts515 PluggedinMCP ->> PluggedinApp: Get capabilities via API516 PluggedinApp ->> PluggedinMCP: Return capabilities (prefixed)517518 MCPClient ->> PluggedinMCP: Call tool/read resource/get prompt519 alt Standard capability520 PluggedinMCP ->> PluggedinApp: Resolve capability to server521 PluggedinApp ->> PluggedinMCP: Return server details522 PluggedinMCP ->> MCPServers: Forward request to target server523 MCPServers ->> PluggedinMCP: Return response524 else Custom instruction525 PluggedinMCP ->> PluggedinApp: Get custom instruction526 PluggedinApp ->> PluggedinMCP: Return formatted messages527 end528 PluggedinMCP ->> MCPClient: Return response529530 alt Discovery tool (Smart Caching)531 MCPClient ->> PluggedinMCP: Call pluggedin_discover_tools532 alt Cached data available533 PluggedinMCP ->> PluggedinApp: Check cached capabilities534 PluggedinApp ->> PluggedinMCP: Return cached tools/resources/prompts535 PluggedinMCP ->> MCPClient: Return instant results (static + dynamic)536 else Force refresh or no cache537 PluggedinMCP ->> PluggedinApp: Trigger background discovery538 PluggedinMCP ->> MCPClient: Return current tools + "discovery running"539 PluggedinApp ->> MCPServers: Connect and discover capabilities (background)540 MCPServers ->> PluggedinApp: Return fresh capabilities541 end542 end543```544545## 🔄 Workflow5465471. **Configuration**: The proxy fetches server configurations from the plugged.in App5482. **Smart Discovery** (`pluggedin_discover_tools`):549 - **Cache Check**: First checks for existing cached data (< 1 second)550 - **Instant Response**: Returns static tools + cached dynamic tools immediately551 - **Background Refresh**: For `force_refresh=true`, runs discovery in background while showing current tools552 - **Fresh Discovery**: Only runs full discovery if no cached data exists5533. **Capability Listing**: The proxy fetches discovered capabilities from plugged.in App APIs554 - `tools/list`: Fetches from `/api/tools` (includes static + dynamic tools)555 - `resources/list`: Fetches from `/api/resources`556 - `resource-templates/list`: Fetches from `/api/resource-templates`557 - `prompts/list`: Fetches from `/api/prompts` and `/api/custom-instructions`, merges results5584. **Capability Resolution**: The proxy resolves capabilities to target servers559 - `tools/call`: Parses prefix from tool name, looks up server in internal map560 - `resources/read`: Calls `/api/resolve/resource?uri=...` to get server details561 - `prompts/get`: Checks for custom instruction prefix or calls `/api/resolve/prompt?name=...`5625. **Request Routing**: Requests are routed to the appropriate underlying MCP server5636. **Response Handling**: Responses from the underlying servers are returned to the client564565## 🔒 Security Features566567The plugged.in MCP Proxy implements comprehensive security measures to protect your system and data:568569### Input Validation & Sanitization570571- **Command Injection Prevention**: All commands and arguments are validated against allowlists before execution572- **Environment Variable Security**: Secure parsing of `.env` files with proper handling of quotes and multiline values573- **Token Validation**: Strong regex patterns for API keys and authentication tokens (32-64 hex characters)574575### Network Security576577- **SSRF Protection**: URL validation blocks access to:578 - Localhost and loopback addresses (127.0.0.1, ::1)579 - Private IP ranges (10.x, 172.16-31.x, 192.168.x)580 - Link-local addresses (169.254.x)581 - Multicast and reserved ranges582 - Common internal service ports (SSH, databases, etc.)583- **Header Validation**: Protection against header injection with:584 - Dangerous header blocking585 - RFC 7230 compliant header name validation586 - Control character detection587 - Header size limits (8KB max)588- **Rate Limiting**:589 - Tool calls: 60 requests per minute590 - API calls: 100 requests per minute591- **Error Sanitization**: Prevents information disclosure by sanitizing error messages592593### Process Security594595- **Safe Command Execution**: Uses `execFile()` instead of `exec()` to prevent shell injection596- **Command Allowlist**: Only permits execution of:597 - `node`, `npx` - Node.js commands598 - `python`, `python3` - Python commands599 - `uv`, `uvx`, `uvenv` - UV Python tools600- **Argument Sanitization**: Removes shell metacharacters and control characters from all arguments601- **Environment Variable Validation**: Only allows alphanumeric keys with underscores602603### Streamable HTTP Security604605- **Lazy Authentication**: Tool discovery doesn't require authentication, improving compatibility606- **Session Security**: Cryptographically secure session ID generation607- **CORS Protection**: Configurable CORS headers for web access608- **Request Size Limits**: Prevents DoS through large payloads609610### Security Utilities611612A dedicated `security-utils.ts` module provides:613- Bearer token validation614- URL validation with SSRF protection615- Command argument sanitization616- Environment variable validation617- Rate limiting implementation618- Error message sanitization619620For detailed security implementation, see [SECURITY.md](SECURITY.md).621622## 🧩 Integration with plugged.in App623624The plugged.in MCP Proxy Server is designed to work seamlessly with the [plugged.in App](https://github.com/VeriTeknik/pluggedin-app), which provides:625626- A web-based interface for managing MCP server configurations627- Centralized capability discovery (Tools, Resources, Templates, Prompts)628- **RAG v2 Document Library**: Upload documents and enable AI-generated content with full attribution629- Custom instructions management630- Multi-workspace support for different configuration sets631- An interactive playground for testing MCP tools with any AI model632- User authentication and API key management633- **AI Document Exchange**: Create, search, and manage documents with model attribution tracking634635## 📚 Related Resources636637- [plugged.in App Repository](https://github.com/VeriTeknik/pluggedin-app)638- [Model Context Protocol (MCP) Specification](https://modelcontextprotocol.io/)639- [Claude Desktop Documentation](https://docs.anthropic.com/claude/docs/claude-desktop)640- [Cline Documentation](https://docs.cline.bot/)641642## 🤝 Contributing643644Contributions are welcome! Please feel free to submit a Pull Request.645646## 📝 Recent Updates647648### Version 1.9.0 (September 2025) - Security Enhancements649650#### 🔒 Enhanced HTML Sanitization651- **Industry-Standard Sanitization**: Replaced custom regex-based HTML sanitization with `sanitize-html` library652- **XSS Prevention**: Comprehensive protection against cross-site scripting attacks653- **HTML Attribute Security**: Enhanced sanitization for HTML attribute contexts (quotes, ampersands)654- **Format String Injection**: Fixed format string injection vulnerabilities in logging655- **Security Testing**: Comprehensive test coverage for all sanitization functions656657#### 🛡️ Security Improvements658- **CodeQL Compliance**: Resolved all security vulnerabilities identified by GitHub CodeQL analysis659- **Input Validation**: Strengthened input validation and sanitization across all functions660- **Dependency Updates**: Added `sanitize-html` for robust HTML content filtering661- **Test Coverage**: Enhanced security test suite with XSS attack prevention verification662663### Version 1.5.0 (January 2025) - RAG v2664665#### 🤖 AI Document Exchange666- **AI-Generated Documents**: MCP servers can now create documents in your library with full AI attribution667- **Model Attribution Tracking**: Complete history of which AI models created or updated each document668- **Advanced Document Search**: Filter by AI model, provider, date, tags, and source type669- **Document Versioning**: Track changes and maintain version history for AI-generated content670- **Multi-Source Support**: Documents from uploads, AI generation, or API integrations671672#### 🔍 Enhanced RAG Capabilities673- **Semantic Search**: Improved relevance scoring with PostgreSQL full-text search674- **Smart Filtering**: Filter results by visibility, model attribution, and document source675- **Snippet Generation**: Automatic snippet extraction with keyword highlighting676- **Performance Optimization**: Faster queries with optimized indexing677678### Version 1.2.0 (January 2025)679680#### 🔒 Security Enhancements681682- **URL Validation**: Comprehensive SSRF protection blocking private IPs, localhost, and dangerous ports683- **Command Allowlisting**: Only approved commands (node, npx, python, etc.) can be executed684- **Header Sanitization**: Protection against header injection attacks685- **Lazy Authentication**: Improved Smithery compatibility with auth-free tool discovery686687#### 🚀 Performance Improvements688689- **Optimized Docker Builds**: Multi-stage builds for minimal container footprint690- **Production Dependencies Only**: Test files and dev dependencies excluded from Docker images691- **Resource Efficiency**: Designed for deployment in resource-constrained environments692693#### 🔧 Technical Improvements694695- Enhanced error handling in Streamable HTTP transport696- Better session cleanup and memory management697- Improved TypeScript types and code organization698699### Version 1.1.0 (December 2024)700701#### 🚀 New Features702703- **Streamable HTTP Support**: Connect to downstream MCP servers using the modern Streamable HTTP transport704- **HTTP Server Mode**: Run the proxy as an HTTP server for web-based access705- **Flexible Session Management**: Choose between stateless or stateful modes706- **Authentication Options**: Optional Bearer token authentication for HTTP endpoints707- **Health Monitoring**: `/health` endpoint for service monitoring708709#### 🔧 Technical Improvements710711- Updated MCP SDK to v1.13.1 for latest protocol support712- Added Express.js integration for HTTP server functionality713- Enhanced TypeScript types for better developer experience714715### Version 1.0.0 (June 2025)716717#### 🎯 Major Features718- **Real-Time Notification System**: Track all MCP activities with comprehensive notification support719- **RAG Integration**: Support for document-enhanced queries through the plugged.in App720- **Inspector Scripts**: New automated testing tools for debugging and development721- **Health Monitoring**: Built-in ping endpoint for connection monitoring722723#### 🔒 Security Enhancements724- **Input Validation**: Industry-standard validation and sanitization for all inputs725- **URL Security**: Enhanced URL validation with SSRF protection726- **Environment Security**: Secure parsing of environment variables with dotenv727- **Error Sanitization**: Prevents information disclosure in error responses728729#### 🐛 Bug Fixes730- Fixed JSON-RPC protocol interference (stdout vs stderr separation)731- Resolved localhost URL validation for development environments732- Fixed API key handling in inspector scripts733- Improved connection stability and memory management734735#### 🔧 Developer Tools736- New inspector scripts for automated testing737- Improved error messages and debugging capabilities738- Structured logging with proper stderr usage739- Enhanced TypeScript type safety740741See [Release Notes](./RELEASE_NOTES_v1.0.0.md) for complete details.742743## 🧪 Testing and Development744745### Local Development746Tests are included for development purposes but are excluded from Docker builds to minimize the container footprint.747748```bash749# Run tests locally750npm test751# or752./scripts/test-local.sh753754# Run tests in watch mode755npm run test:watch756757# Run tests with UI758npm run test:ui759```760761### Lightweight Docker Builds762The Docker image is optimized for minimal footprint:763- Multi-stage build process764- Only production dependencies in final image765- Test files and dev dependencies excluded766- Optimized for resource-constrained environments767768```bash769# Build optimized Docker image770docker build -t pluggedin-mcp .771772# Check image size773docker images pluggedin-mcp774```775776## 📄 License777778This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.779780## 🙏 Acknowledgements781782- Inspired by the [MCP Proxy Server](https://github.com/adamwattis/mcp-proxy-server/)783- Built on the [Model Context Protocol](https://modelcontextprotocol.io/)784
Full transparency — inspect the skill content before installing.