Is Dify Plugin Mcp_server safe to use?

Dify Plugin Mcp_server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Dify Plugin Mcp_server?

Dify Plugin Mcp_server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Dify Plugin Mcp_server?

Dify Plugin Mcp_server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Is Dify Plugin Mcp_server actively maintained?

Dify Plugin Mcp_server is less actively maintained — last commit was 294 days ago. It has 64 GitHub stars.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/dify-plugin-mcp-server)](https://mcppedia.org/s/dify-plugin-mcp-server)

✓

Is it safe?

No package registry to scan.

No authentication — any process on your machine can connect.

License not specified.

Is it maintained?

Last commit 294 days ago. 64 stars.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

MCPpedia Score

Click each category to see evidence

15F

Last scored 1h ago

How we score →

Security

3/30

No known vulnerabilities.

○

Known CVEs — No package registry to scan

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability — Tool definitions stable

○

Dependency health — No package to analyze

✗

License — No license specified

○

Authentication — No authentication required

○

CVEs checked daily via OSV.dev. Score algorithm is open source.

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

MCP Security Weekly

Get CVE alerts and security updates for Dify Plugin Mcp_server and similar servers.

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

MCP Server

Author: hjlarry
Version: 0.0.4
Type: extension
Repo: https://github.com/hjlarry/dify-plugin-mcp_server
Feature Request: issues

A Dify endpoint plugin that change a dify app to a mcp server.

To keep your data secure, use this plugin exclusively within your private network.

Get Started

1. create a simple workflow app in dify.

2. add a endpoint and select this app.

The app's input schema must define its input parameters. For a chat dify app, ensure to include a query field in the input schema, formatted as follows:

{
    "name": "get_weather",
    "description": "Get weather status for a place.",
    "inputSchema": {
        "properties": {
            "place": {"title": "Place", "type": "string"}
        },
        "required": ["place"],
        "title": "get_weatherArguments",
        "type": "object"
    }
}

3. copy the endpoint url to your mcp client, like `Cherry Studio`

Option 1: Use the newest Streamable HTTP protocol (Recommended)

Option 2: Use the legacy SSE protocol

4. enjoy it!

5. To keep your data secure, you can add a `Auth Bearer Token` on the endpoint setting.

For example, if your Auth Bearer Token is setting to sk-abcdefgh, then the request header of MCP client must add Authorization: Bearer sk-abcdefgh

Changelog

0.0.4

Add response to the ping method of MCP client, some clients use this method to check server health
Add Authorization: Bearer token validator
Fix some log incorrect

0.0.3

To fix sse get non-exist key get lots error logs on the plugin daemon.
Add logs to help debug problems.
Streamable http support response object and array.

0.0.2

Add a new Streamable HTTP protocol.
Update dify-plugin-sdk version.

Dify Plugin Mcp_server

Quick Install