Is Abacus Mcp Server safe to use?

Abacus Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.

How do I install Abacus Mcp Server?

Abacus Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Abacus Mcp Server?

Abacus Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is Abacus Mcp Server actively maintained?

Abacus Mcp Server is less actively maintained — last commit was 364 days ago. It has 9 GitHub stars.

Abacus Mcp Server

Name: Abacus Mcp Server
Author: PhelanShao

fastmcp · by PhelanShao

ABACUS, an open-source DFT-based simulation platform, is supported by an MCP server that provides a structured communication interface for submitting, managing, and executing tasks.

9 0 tools GitHub PyPI

No known CVEs

GPL-3.0 license

Stale

Last commit 364d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Education Data

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "abacus-mcp-server": {
      "env": {
        "PYTHONPATH": "/path/to/abacus-mcp-server"
      },
      "args": [
        "/path/to/abacus-mcp-server/src/server.py"
      ],
      "command": "python"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/abacus-mcp-server)](https://mcppedia.org/s/abacus-mcp-server)

Read me

What Abacus Mcp Server does

中文 | English | 快速开始 | Quick Start

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'fastmcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

47/100across 5 weighted dimensions

How we score →

0255075100

−53

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

8 fixed

CVE-2026-32871low · fixedCVSS 3.1

FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

## Technical Description The `OpenAPIProvider` in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The `RequestDirector` class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the `_build_url()` method. When an OpenAPI operation defines path parameters (e.g., `/api/v1/users/{user_id}`), the system directly substitutes parameter values into the URL template string **without URL-encoding**. Subsequently, `urll

Affected: >= 0Fixed in 3.2.0source →

CVE-2026-27124medium · fixedCVSS 4

FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities

## Summary While testing the *GitHubProvider* OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not properly validate the user's consent upon receiving the authorization code from GitHub. In combination with GitHub’s behavior of skipping the consent page for previously authorized clients, this introduces a Confused Deputy vulnerability. ## Technical Details An adversary can initi

Affected: >= 0Fixed in 3.2.0source →

CVE-2025-64340low · fixedCVSS 3.1

FastMCP has a Command Injection vulnerability - Gemini CLI

Server names containing shell metacharacters (e.g., `&`) can cause command injection on Windows when passed to `fastmcp install claude-code` or `fastmcp install gemini-cli`. These install paths use `subprocess.run()` with a list argument, but on Windows the target CLIs often resolve to `.cmd` wrappers that are executed through `cmd.exe`, which interprets metacharacters in the flattened command string. PoC: ```python from fastmcp import FastMCP mcp = FastMCP(name="test&calc") @mcp.tool def rol

Affected: >= 0Fixed in 3.2.0source →

CVE-2025-69196medium · fixedCVSS 4

FastMCP OAuth Proxy token reuse across MCP servers

While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the `resource` parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the `base_url` passed to the `OAuthProxy` during initialization. **Affected File:** *https://github.com/jlowin/fastmcp/blob/main/src/fastmcp/server/auth/oauth_proxy.py#L828* **Affected Code:** ```python self._jwt_issuer:

Affected: >= 0Fixed in 2.14.2source →

GHSA-rcfx-77hg-w2wvinfo · fixed

FastMCP updated to MCP 1.23+ due to CVE-2025-66416

There was a recent CVE report on MCP: https://nvd.nist.gov/vuln/detail/CVE-2025-66416. FastMCP does not use any of the affected components of the MCP SDK directly. However, FastMCP versions prior to 2.14.0 did allow MCP SDK versions <1.23 that were vulnerable to CVE-2025-66416. Users should upgrade to FastMCP 2.14.0 or later.

Affected: >= 0Fixed in 2.14.0source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Abacus Mcp Server safe to use?: Abacus Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install Abacus Mcp Server?: Abacus Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Abacus Mcp Server?: Abacus Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Abacus Mcp Server actively maintained?: Abacus Mcp Server is less actively maintained — last commit was 364 days ago. It has 9 GitHub stars.

Similar servers

Others in education / data

View all →

PostgreSQL MCP Server98

Query and manage PostgreSQL databases directly from AI assistants

86.4k 1

Firecrawl Mcp Server95

🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.

6.4k 4

Supabase MCP Server95

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

MCP Security Weekly

Get CVE alerts and security updates for Abacus Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Education Data

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "abacus-mcp-server": {
      "env": {
        "PYTHONPATH": "/path/to/abacus-mcp-server"
      },
      "args": [
        "/path/to/abacus-mcp-server/src/server.py"
      ],
      "command": "python"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/abacus-mcp-server)](https://mcppedia.org/s/abacus-mcp-server)

Read me

What Abacus Mcp Server does

中文 | English | 快速开始 | Quick Start

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'fastmcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

ABACUS MCP Server

中文 | English | 快速开始 | Quick Start

基于Model Context Protocol (MCP)的ABACUS第一性原理计算服务器。主要用于量子化学和材料科学计算。

主要功能

计算功能

SCF计算 - 自洽场电子结构计算
结构优化 - 几何优化和晶胞优化
分子动力学 - MD模拟和轨迹分析
能带结构 - 电子能带结构计算
态密度 - 电子态密度计算
电荷密度 - 电荷密度分析

智能助手

参数建议 - 根据计算类型推荐合适参数
输入验证 - 检查参数设置是否合理
故障诊断 - 帮助解决计算中的问题
成本估算 - 评估计算资源需求

结果分析

智能解释 - 自动分析计算结果
优化建议 - 根据结果提供改进建议
性能监控 - 跟踪计算性能

PyABACUS集成

Python接口 - 支持PyABACUS Python接口
模块化分析 - 集成ModuleBase、ModuleNAO、hsolver等模块
工作流指导 - PyABACUS使用示例和最佳实践

安装

系统要求

Python 3.8+
ABACUS软件包
足够的计算资源

Python依赖

pip install fastmcp ase numpy psutil

ABACUS安装

参考ABACUS官方文档安装。

快速开始

1. 下载代码

git clone <repository-url>
cd abacus-mcp-server

2. 安装依赖

pip install -r requirements.txt

3. 配置ABACUS

确保ABACUS在系统PATH中：

abacus --version

4. 准备赝势文件

mkdir pseudos
# 把赝势文件放到pseudos目录

5. 启动服务器

python src/server.py

MCP客户端配置

Claude Desktop配置

在Claude Desktop设置中添加：

{
  "mcpServers": {
    "abacus-mcp-server": {
      "command": "python",
      "args": ["/path/to/abacus-mcp-server/src/server.py"],
      "env": {"PYTHONPATH": "/path/to/abacus-mcp-server"}
    }
  }
}

Roo Code配置

打开Roo Code设置
找到MCP服务器部分
添加上面的配置

使用示例

基础SCF计算

我想对硅晶体进行SCF计算，请帮我设置参数。

结构优化

我有个钙钛矿结构需要优化几何并计算带隙。

能带结构

计算石墨烯沿Γ-M-K-Γ路径的能带结构。

故障排除

我的ABACUS计算不收敛，SCF一直振荡，帮我看看。

使用指南

基本工作流

准备赝势文件到 pseudos/ 目录
在MCP客户端中描述你的计算需求
服务器会自动设置参数并运行计算
查看结果和建议

常用计算类型

硅能带结构计算

计算硅晶体的能带结构，晶格常数5.43 Å，沿Γ-X-L-Γ路径。

钙钛矿结构优化

优化BaTiO3几何结构并计算电子性质。

收敛问题诊断

我的MoS2计算不收敛，SCF在-150.5和-150.8 Ry间振荡，用的ecutwfc=80 Ry。

PyABACUS工作流

用PyABACUS分析原子轨道重叠，需要LCAO计算和重叠矩阵。

基本工作流

创建结构

# 使用create_structure工具创建原子结构
structure = create_structure(
    formula_or_data="Si2",
    input_format="formula",
    crystalstructure="diamond",
    a=5.43
)

验证输入

# 验证计算参数
validation = validate_input(
    input_params={
        "ecutwfc": 100,
        "scf_thr": 1e-6,
        "basis_type": "pw"
    },
    structure_dict=structure["data"]
)

运行计算

# 执行SCF计算
scf_result = run_scf(
    structure_dict=structure["data"],
    input_params={
        "ecutwfc": 100,
        "scf_thr": 1e-6
    },
    kpoints_definition={
        "mode": "Monkhorst-Pack",
        "size": [4, 4, 4]
    },
    pseudo_potential_map={"Si": "Si.UPF"}
)

分析结果

# 查看计算结果和建议
print(scf_result["data"]["interpretation"])
print(scf_result["data"]["recommendations"])

MCP资源

abacus://system/status - 系统状态
abacus://docs/input_parameters - 参数文档
abacus://examples/scf - SCF示例
abacus://calculations/{task_id}/results - 计算结果
abacus://calculations/{task_id}/logs - 计算日志

配置

环境变量

export ABACUS_COMMAND="/path/to/abacus"
export PSEUDO_DIR="/path/to/pseudos"
export ABACUS_WORK_DIR="/path/to/calculations"

配置文件

创建config.json：

{
  "abacus_command": "abacus",
  "pseudo_base_path": "./pseudos",
  "work_directory": "./calculations"
}

故障排除

常见问题

ABACUS未找到

which abacus
abacus --version

赝势文件缺失

ls -la pseudos/

内存不足

减少ecutwfc值
使用更稀疏的k点网格

调试模式

export LOG_LEVEL="DEBUG"
python src/server.py

PyABACUS集成

安装

git clone https://github.com/deepmodeling/abacus-develop.git
cd abacus-develop/python
pip install .

使用

import pyabacus as m
s = m.ModuleBase.Sphbes()
result = s.sphbesj(1, 0.0)

主要工具

结构管理

create_structure - 创建原子结构
validate_structure - 验证结构
convert_structure - 格式转换

计算执行

run_scf - SCF计算
run_optimization - 结构优化
run_md - 分子动力学

性质分析

calculate_band_structure - 能带结构
calculate_dos - 态密度
`calculate_c

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

47/100across 5 weighted dimensions

How we score →

0255075100

−53

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

8 fixed

CVE-2026-32871low · fixedCVSS 3.1

FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

Affected: >= 0Fixed in 3.2.0source →

CVE-2026-27124medium · fixedCVSS 4

FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities

Affected: >= 0Fixed in 3.2.0source →

CVE-2025-64340low · fixedCVSS 3.1

FastMCP has a Command Injection vulnerability - Gemini CLI

Affected: >= 0Fixed in 3.2.0source →

CVE-2025-69196medium · fixedCVSS 4

FastMCP OAuth Proxy token reuse across MCP servers

Affected: >= 0Fixed in 2.14.2source →

GHSA-rcfx-77hg-w2wvinfo · fixed

FastMCP updated to MCP 1.23+ due to CVE-2025-66416

Affected: >= 0Fixed in 2.14.0source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Abacus Mcp Server safe to use?: Abacus Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install Abacus Mcp Server?: Abacus Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Abacus Mcp Server?: Abacus Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Abacus Mcp Server actively maintained?: Abacus Mcp Server is less actively maintained — last commit was 364 days ago. It has 9 GitHub stars.