Is Flask Mcp Server safe to use?

Flask Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Flask Mcp Server?

Flask Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Flask Mcp Server?

Flask Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is Flask Mcp Server actively maintained?

Flask Mcp Server is less actively maintained — last commit was 289 days ago. It has 7 GitHub stars.

Flask Mcp Server

Name: Flask Mcp Server
Author: bashar94

by bashar94

Most advanced Flask-based MCP server

7 GitHub

No known CVEs

No license

Stale

Last commit 289d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "flask-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/flask-mcp-server)](https://mcppedia.org/s/flask-mcp-server)

Read me

What Flask Mcp Server does

Most advanced Flask-based MCP server

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

25/100across 5 weighted dimensions

How we score →

0255075100

−75

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Flask Mcp Server safe to use?: Flask Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Flask Mcp Server?: Flask Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Flask Mcp Server?: Flask Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Flask Mcp Server actively maintained?: Flask Mcp Server is less actively maintained — last commit was 289 days ago. It has 7 GitHub stars.

Similar servers

Others in developer-tools

View all →

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.9k 1

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.9k 2

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

MCP Security Weekly

Get CVE alerts and security updates for Flask Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "flask-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/flask-mcp-server)](https://mcppedia.org/s/flask-mcp-server)

Read me

What Flask Mcp Server does

Most advanced Flask-based MCP server

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

flask-mcp-server

Flask-based Model Context Protocol (MCP) server for Python. Drop it into any Flask app or run it standalone. Ships with security and ops features out of the box.

Spec target: MCP 2025-06-18 — Streamable HTTP transport with a unified /mcp endpoint (POST for JSON-RPC; GET for SSE). Back-compat routes retained.

Package version: 0.6.1

Requirements
Install
Quick Start
What’s new in 0.6.1
Configuration (env vars)
Core Concepts
Examples
FAQ
Troubleshooting
License

Requirements

Python 3.9+
Flask 3.x (auto-installed)

Install

From PyPI

pip install flask-mcp-server

Add to requirements.txt from a file path:

flask-mcp-server==0.6.1

Quick Start

Integrated into an existing Flask app (integrated HTTP):

from flask import Flask
from flask_mcp_server import mount_mcp, Mcp
from flask_mcp_server.http_integrated import mw_auth, mw_ratelimit, mw_cors

app = Flask(__name__)

@Mcp.tool(name="sum")
def sum_(a: int, b: int) -> int:
    return a + b

# Mount at /mcp with useful middlewares
mount_mcp(app, url_prefix="/mcp", middlewares=[mw_auth, mw_ratelimit, mw_cors])

if __name__ == "__main__":
    app.run(port=8765)

Dedicated server app (ships with docs endpoints):

flask-mcp serve-http
# Swagger: http://127.0.0.1:8765/swagger
# OpenAPI: /docs.json

STDIO transport:

flask-mcp serve-stdio

What’s new in 0.6.1

Unified MCP endpoint (/mcp):
- POST a single JSON-RPC message (request/notification/response). If the Accept header includes text/event-stream, the server streams the response via SSE; otherwise returns JSON.
- GET to open an SSE stream for server messages (optional). Supports Last-Event-ID for resumability in future minor releases.
Protocol header: Accepts MCP-Protocol-Version: 2025-06-18 (or 2025-03-26 for back-compat); others => 400 Bad Request.
Sessions (minimal): If the POSTed method is "initialize", response includes Mcp-Session-Id header. Clients can include this header on subsequent requests.
Origin validation: Optional FLASK_MCP_ALLOWED_ORIGINS (comma-separated). If set, only requests with matching Origin are allowed at the unified MCP endpoint.
Backwards compatibility: legacy endpoints /mcp/list, /mcp/call, /mcp/batch remain.

Configuration (env vars)

Auth & roles

export FLASK_MCP_AUTH_MODE=apikey     # none|apikey|hmac
export FLASK_MCP_API_KEYS="k1,k2"
export FLASK_MCP_API_KEYS_MAP="k1:admin|user;k2:user"   # per-key roles
export FLASK_MCP_HMAC_SECRET="supersecret"              # if using HMAC

Rate limiting

export FLASK_MCP_RATE_LIMIT=60/m      # format: <N>/<s|m|h|d>
export FLASK_MCP_RATE_SCOPE=key       # ip|key

CORS, Origins & Logging

export FLASK_MCP_ALLOWED_ORIGINS="http://localhost:3000,https://your.app"
export FLASK_MCP_CORS_ORIGIN="*"
export FLASK_MCP_LOG_FORMAT=json

Providers autoload

export FLASK_MCP_PROVIDERS="my_pkg.mcp_provider:Provider,another.mod:Pro

... [View full README on GitHub](https://github.com/bashar94/flask-mcp-server#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

25/100across 5 weighted dimensions

How we score →

0255075100

−75

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Flask Mcp Server safe to use?: Flask Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Flask Mcp Server?: Flask Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Flask Mcp Server?: Flask Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Flask Mcp Server actively maintained?: Flask Mcp Server is less actively maintained — last commit was 289 days ago. It has 7 GitHub stars.

Similar servers

Others in developer-tools

View all →

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.9k 1

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.9k 2

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

MCP Security Weekly

Get CVE alerts and security updates for Flask Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Flask Mcp Server

Install in your client

What Flask Mcp Server does

Test This Server

Why this score

25/100across 5 weighted dimensions

Security

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

Discussion

Flask Mcp Server

Install in your client

What Flask Mcp Server does

Test This Server

flask-mcp-server

Table of Contents

Requirements

Install

From PyPI

Quick Start

What’s new in 0.6.1

Configuration (env vars)

Auth & roles

Rate limiting

CORS, Origins & Logging

Providers autoload

Why this score

25/100across 5 weighted dimensions

Security

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

Discussion

flask-mcp-server

Table of Contents

Requirements

Install

From PyPI

Quick Start

What’s new in 0.6.1

Configuration (env vars)

Auth & roles

Rate limiting

CORS, Origins & Logging

Providers autoload