Is Bookservice Mcp Server safe to use?

Bookservice Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Bookservice Mcp Server?

Bookservice Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

Is Bookservice Mcp Server actively maintained?

Bookservice Mcp Server is less actively maintained — last commit was 275 days ago.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/bookservice-mcp-server)](https://mcppedia.org/s/bookservice-mcp-server)

✓

Is it safe?

No known CVEs for @modelcontextprotocol/inspector. 2 previously resolved.

No authentication — any process on your machine can connect.

License not specified.

Is it maintained?

Last commit 275 days ago. 127,149 weekly downloads.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

MCPpedia Score

Click each category to see evidence

42C

Last scored 22h ago

How we score →

Security

19/30

No open vulnerabilities. 2 fixed CVEs.

✓

Known CVEs — No known CVEs for @modelcontextprotocol/inspectorcheck OSV.dev

○

Tool safety — No tools to analyze

Advisories (0 open, 2 fixed)

mediumCVSS 4CVE-2025-58444Fixed

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

An XSS flaw exists in the MCP Inspector local development tool when it renders a redirect URL returned by a remote MCP server. If the Inspector connects to an untrusted server, a crafted redirect can inject script into the Inspector context and, via the built-in proxy, be leveraged to trigger arbitrary command execution on the developer machine. Version 0.16.6 hardens URL handling/validation and prevents script execution. > Thank you to the following researchers for their reports and contributi

Affected: >= 0Fixed in 0.16.6Published Sep 8, 2025source \u2192

mediumCVSS 4CVE-2025-49596Fixed

MCP Inspector proxy server lacks authentication between the Inspector client and proxy

Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities. Credit: Rémy Marot <bughunters@tenable.com>

Affected: >= 0Fixed in 0.14.1Published Jun 13, 2025source \u2192

CVEs checked daily via OSV.dev. Score algorithm is open source.

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

MCP Security Weekly

Get CVE alerts and security updates for Bookservice Mcp Server and similar servers.

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Spring Boot MCP Server Example

A Spring Boot application that demonstrates Model Context Protocol (MCP) server implementation with book and author management functionality. This application can run in two modes:

Web Application Mode: Traditional REST API server
MCP Server Mode: Model Context Protocol server for AI tool integration

Prerequisites

Java 17 or higher
Maven 3.6+ for building the project
MCP Inspector (optional, for validation and testing)

Project Structure

book-service/
├── src/main/java/com/example/bookservice/
│   ├── BookServiceApplication.java          # Main application class
│   ├── controller/
│   │   ├── BookController.java              # REST endpoints for books
│   │   └── AuthorController.java            # REST endpoints for authors
│   ├── mcp/
│   │   ├── McpServer.java                   # MCP server implementation
│   │   └── McpTool.java                     # MCP tool definitions
│   └── model/
│       ├── Book.java                        # Book entity
│       └── Author.java                      # Author entity
├── pom.xml                                  # Maven configuration
├── test_mcp.sh                             # MCP server test script
└── test_mcp_simple.json                    # Sample MCP request

Compilation Instructions

1. Clean and Compile

mvn clean compile

2. Package the Application

mvn clean package

This will create an executable JAR file at target/book-service-1.0.0.jar.

3. Skip Tests (if needed)

mvn clean package -DskipTests

Starting the Application

Web Application Mode (Default)

Start as a traditional Spring Boot web application with REST endpoints:

java -jar target/book-service-1.0.0.jar

The web application will be available at:

Base URL: http://localhost:8080
API Endpoints: http://localhost:8080/api/books, http://localhost:8080/api/authors
Swagger UI: http://localhost:8080/swagger-ui.html

MCP Server Mode

Start as an MCP server for AI tool integration:

java -jar target/book-service-1.0.0.jar --mcp

The MCP server will:

Listen for JSON-RPC 2.0 requests on stdin
Respond with JSON-RPC 2.0 responses on stdout
Log messages to stderr

MCP Server Validation

Using the Built-in Test Script

Run the provided test script to validate basic MCP functionality:

chmod +x test_mcp.sh
./test_mcp.sh

This script tests:

Server initialization
Tools listing
Tool execution (get_all_books)

Manual Testing with JSON-RPC Requests

1. Initialize the MCP Server

echo '{"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {}}' | java -jar target/book-service-1.0.0.jar --mcp

2. List Available Tools

echo '{"jsonrpc": "2.0", "id": 2, "method": "tools/list", "params": {}}' | java -jar target/book-service-1.0.0.jar --mcp

3. Call a Tool (Get All Books)

echo '{"jsonrpc": "2.0", "id": 3, "method": "tools/call", "params": {"name": "get_all_books", "arguments": {}}}' | java -jar target/book-service-1.0.0.jar --mcp

4. Call a Tool (Get Book by ID)

echo '{"jsonrpc": "2.0", "id": 4, "method": "tools/call", "params": {"name": "get_book_by_id", "arguments": {"id": "1"}}}' | java -jar target/book-service-1.0.0.jar --mcp

Using MCP Inspector

If you have the MCP Inspector installed, you can use it to validate and interact with the MCP server:

1. Install MCP Inspector (if not already installed)

npm install -g @modelcontextprotocol/inspector

2. Create MCP Configuration

Create a configuration file mcp-config.json:

{
  "mcpServers": {
    "book-service": {
      "command": "java",
      "args": ["-jar", "target/book-service-1.0.0.jar", "--mcp"],
      "env": {}
    }
  }
}

3. Start MCP Inspector

mcp-inspector --config mcp-config.json

4. Access Inspector UI

Open your browser and navigate

... View full README on GitHub

Bookservice Mcp Server

Quick Install

Should you use this server?