Local Deep Research

Name: Local Deep Research
Author: LearningCircuit

local-deep-research · by LearningCircuit

Local Deep Research achieves ~95% on SimpleQA benchmark (tested with GPT-4.1-mini). Supports local and cloud LLMs (Ollama, Google, Anthropic, ...). Searches 10+ sources - arXiv, PubMed, web, and your private documents. Everything Local & Encrypted.

7.8k 0 tools GitHub PyPI

No known CVEs

MIT license

Actively maintained

Last commit 5d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Search AI / ML

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "local-deep-research": {
      "env": {
        "LDR_LLM_PROVIDER": "openai",
        "LDR_LLM_OPENAI_API_KEY": "sk-..."
      },
      "command": "ldr-mcp"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/local-deep-research)](https://mcppedia.org/s/local-deep-research)

Read me

What Local Deep Research does

AI-powered research assistant for deep, agentic research

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'local-deep-research' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

55/100across 5 weighted dimensions

How we score →

0255075100

−45

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2026-43979low · fixedCVSS 3.1

local-deep-research is Vulnerable to HTML Injection via Unescaped User Input in PDF Export (`pdf_service.py:_markdown_to_html`)

## Summary `PDFService._markdown_to_html()` constructs an HTML document by interpolating user-controlled values — specifically `title` (sourced from `research.title` or `research.query`) and `metadata` key-value pairs — directly into an f-string without any HTML escaping. An authenticated attacker can craft a research query containing HTML special characters to inject arbitrary HTML tags into the document processed by WeasyPrint during PDF export. This injection can be chained to trigger a Serv

Affected: >= 0Fixed in 1.6.0source →

CVE-2025-67743low · fixedCVSS 3.1

Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service

## Summary The download service (`download_service.py`) makes HTTP requests using raw `requests.get()` without utilizing the application's SSRF protection (`safe_requests.py`). This can allow attackers to access internal services and attempt to reach cloud provider metadata endpoints (AWS/GCP/Azure), as well as perform internal network reconnaissance, by submitting malicious URLs through the API, depending on the deployment and surrounding controls. **CWE**: CWE-918 (Server-Side Request Forger

Affected: >= 1.3.0Fixed in 1.3.9source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Local Deep Research safe to use?: Local Deep Research has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Local Deep Research?: Local Deep Research supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Local Deep Research?: Local Deep Research is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Local Deep Research actively maintained?: Local Deep Research is actively maintained — last commit was 5 days ago. It has 7,781 GitHub stars.

Similar servers

Others in search / ai-ml

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

85.9k 5

Brave Search MCP Server98

Web and local search using Brave Search API

85.9k 2

Antigravity Workspace Template96

Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.

1.2k 2

Tavily Mcp96

Production ready MCP server with real-time search, extract, map & crawl.

2.0k 4

MCP Security Weekly

Get CVE alerts and security updates for Local Deep Research and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Frequently Asked Questions

Is Local Deep Research safe to use?

Local Deep Research has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Local Deep Research?

Local Deep Research supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Local Deep Research?

Local Deep Research is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Local Deep Research actively maintained?

Local Deep Research is actively maintained — last commit was 5 days ago. It has 7,781 GitHub stars.