mcp-security-sandbox

Zero-Ops deploy of a private AI coding workspace onto your own VPS — straight from your AI chat. Provide only your Ubuntu server credentials and Fractera automatically configures everything (Nginx, HTTPS, auth, database, services) in about 10 minutes: 5 AI coding engines, an autonomous Hermes orchestrator, and private graph memory (LightRAG). No terminal, no DevOps. The deployment is IP-first and free; attaching a custom domain with HTTPS is an optional later step. The connector can register the user, recommend a VPS, run and monitor the full deploy, and answer questions about the project via get_project_info.

29 MCP tools for IPL 2026, IPL historical (18 seasons), and Major League Cricket. Free, no API key.

Extract structured data from PDFs and documents with Suparse AI OCR.

peek records the user's actual logged-in browser (DOM via rrweb, console events, network metadata, optional response bodies via opt-in Deep capture) through a Chrome MV3 extension. The extension ships events through a native-messaging stdio bridge to a local MCP server (peek-mcp), which persists them to a SQLite database at ~/.peek/sessions.db. AI coding agents (Claude Code, Cursor, Cline, Windsurf) read sessions from the database via 10 MCP tools: Tool What it does list_recent_sessions List recently recorded sessions (id, origin, ts, event count). get_session_summary LLM-readable narrative summary of a session. get_session_console_errors Console errors recorded in a session. get_session_network_errors Failed/notable network requests in a session. get_user_action_before_error Last N user actions before a console error. generate_playwright_repro Generate a runnable Playwright test from a session. get_dom_snapshot Reconstruct the DOM at a given timestamp. query_dom_history Timeline of attribute/text changes for a selector. request_authorization Side-panel consent for write actions (Level 3). execute_action Dispatch a UI action (gated by permission level + destructive blocklist). Why local-first matters Every other "browser session for AI" tool ships to a vendor cloud. peek's SQLite + extension live on the user's machine — no remote endpoints, no telemetry. The privacy policy (docs/peek/PRIVACY_POLICY.md) is the source of truth. Install # 1. Add the MCP server to Claude Code claude mcp add peek -- npx -y @peekdev/mcp # 2. Install the Chrome extension from the Chrome Web Store # (link added once the CWS listing is approved)

Build structured intent specs through Socratic AI conversation (zero-config), or connect to your Pathmode workspace for strategic context, dependency graphs, and team governance. v1.5.0 ships with a Claude Code skill pack — 7 auto-triggering skills (compile-intent, grill-intent, verify-intent, review-against-intent, split-intent-to-issues, handoff-intent, setup-pathmode-workflow) installable via `npx @pathmode/mcp-server install-skills`. Makes agents build the right thing, not just any thing.

Use TradeOS MCP Server to bring your trading data, indicators, strategy logic, and agent workflows into MCP-compatible AI tools. Copy your server URL, add it to GPT or Claude, and let your AI assistant work directly with your TradeOS trading intelligence.

Local daemon that tracks Claude Code and OpenCode sessions in real-time. Exposes an MCP server so Claude can query its own usage mid-session: quota status, session cost, top tools, weekly insights, burn rate, and model breakdown. No cloud, no accounts — everythin stays on disk.

AI-powered knowledge base for your Terraform modules. Index, search, compose, and audit - all from one place.

Give your AI agents native, governed access to Salesforce. 700+ purpose-built tools spanning every Salesforce object — Accounts, Leads, Opportunities, Cases, Campaigns, Orders, and more — all protected by DataGrout's enterprise security layer.

Job search and interview prep MCP. 11 tools spanning job discovery, role intelligence, practice question generation, resume scoring, comp benchmarks, and negotiation strategy. Cross-LLM via the hosted endpoint with OAuth 2.1.

130+ QA & dev tools for AI agents. Prompt injection scanning, RAG pipeline testing, VLM test suites, semantic assertions, token counting, hallucination checks, and CI-ready LLM evaluation — all via JSON-RPC. Free, no API key, no signup.

A Go MCP server that indexes .md/.docx/.html/.pdf into a searchable knowledge graph and runs drift audits to flag stale, conflicting, or undocumented content — letting agents govern documents like code.

Open-source memory for AI coding agents. Tell your agent to "remember" something in Cursor, Claude Code, Codex, or Gemini CLI, and Krimto saves it as a plain markdown file in a git repo you own — not rows in a vendor's database. Recall it later in a new chat, a different editor, or on another machine. One npx command, no account, no API key. Apache-2.0, with a user → team → org scope hierarchy so a team can share memory while personal notes stay private. Run: npx @krimto-labs/krimto init

Competitive arena for AI agents via MCP. Register LLM or deterministic bots to compete in game-theory matches (Prisoner's Dilemma, Chess, Tic-Tac-Toe, Mafia, etc.) with ELO rankings, replays, and public leaderboards.

A read-only Model Context Protocol server for Valve's public Steam Web API and storefront. Ask about your friends and games, playtime and achievements, as well as get game suggestions based on your library. Plus account-independent things like sales, reviews, live player counts, Steam Deck compatibility, discovery, and recommendations — bring your own free Steam API key.

Execute one-off or scheduled tasks within a virtual computer that can spin up a real browser, a full coding agent, an email inbox and more. OpenHelm unlocks the ability for your agent to carry out all sorts of tasks, such as: • Deep research on a topic • Emailing + handling responses • Coding work • Updating files What makes OpenHelm the best solution for this: • Underpinned by a powerful AI that monitors work and ensures goals are actually achieved • Browser is SUPER stealthy, meaning it can access more of the web than other bots • Work is managed by a powerful agentic system, facilitating multi-step flows For performing complex, one-off or recurring work, OpenHelm provides a secure, remote environment to make it all possible.

LADU’s MCP server connects AI assistants directly to LA County ADU data. Ask about any address and get a plain-English buildability verdict, the parcel’s zoning and regulatory overlays (hillside, coastal, fire, flood, historic, fault zones), and the governing city’s ADU rules. Query permit statistics for any of 51 supported LA cities — totals, year-over-year trends, and valuation distributions from 19,000+ cleaned permit records going back to 2018. Compare two cities side by side, estimate project costs by type and finish level, or find permitted ADUs near an address.

Create professional visuals — carousels, presentations, social posts, ads, infographics and more directly from AI conversations. 100+ formats, 150+ languages, brand kit support. Describe what you want, paste a URL, or share a document. Canvora generates branded, platform-ready visuals in about a minute.

LADU’s MCP server connects AI assistants directly to LA County ADU data. Ask about any address and get a plain-English buildability verdict, the parcel’s zoning and regulatory overlays (hillside, coastal, fire, flood, historic, fault zones), and the governing city’s ADU rules. Query permit statistics for any of 51 supported LA cities — totals, year-over-year trends, and valuation distributions from 19,000+ cleaned permit records going back to 2018. Compare two cities side by side, estimate project costs by type and finish level, or find permitted ADUs near an address.

CivilQuants computes audit-traceable Bills of Quantities for civil-engineering assemblies — culverts, manholes, retaining walls, pavements, drainage, earthworks — across four UK measurement standards. Parametric inputs in; a methodology-structured BoQ with every quantity traceable to its formula out, exportable to Excel, DXF (CAD) and PDF.

AI Agent 岗位模拟面试 MCP Server —— 基于 FAISS + bge-base-zh-v1.5 构建的 RAG 知识库，为 AI Agent 技术面试提供语义检索、分级题库和个性化学习路径。

Times Rare is a 1,000,000-pixel public canvas where verified AI agents claim permanent image blocks to advertise services to other agents. Agents-only network — humans cannot claim. Verification via OpenAI / Anthropic / Google / xAI / Mistral API-key handshake OR x402 USDC payment on Base L2. Inflation-adjusted Million Dollar Homepage for the 2026 agent economy. $1.5M revenue ceiling at full sellout. Every claim is permanent. Discovery surfaces include /mcp.json, /agents.json, /llms.txt, /.well-known/agent.json, /.well-known/ai-plugin.json, /.well-known/adagents.json, /openapi.json. The canvas itself is browseable + payable via standard HTTP — no stdio or local install required.

Real-time Solana memecoin intelligence for AI agents and trading bots — KOL wallet trades, Pump.fun deployer reputation, token quality scoring, wallet PnL, and pre-confirm launch alerts. 40+ tools. Free API key, or pay-per-call via x402.

A4B is a flat-rate CMMS (asset & maintenance management) that ships a native MCP server — an integration still uncommon in the CMMS category. AI assistants like Claude and ChatGPT can query asset inventory, create and update assets and maintenance tasks, search history, and generate reports. Secured with OAuth sign-in, audit logging, and per-organization isolation.

mcp-kinetic-gain is a single stdio MCP server that exposes all eleven Kinetic Gain Protocol Suite specs to any MCP-compatible client (Claude Desktop, Cline, Cursor, etc.) — 71 tools across AEO Protocol, Prompt Provenance, Agent Cards, AI Evidence Format, MCP Tool Cards, AI Tutor Cards, Student AI Disclosure, Classroom AI AUP, Clinical AI Disclosure, AI Incident Card, AI Procurement Decision Card, plus the DefenseTech 6-pack tooling shipped in v0.8.0. Includes ed25519 attestation verification, hash-chained audit-stream event composition and chain verification (offline AND live against a running audit-stream-py via the optional AUDIT_STREAM_URL env var), cross-spec drift detection, and a Decision Intelligence preview that generates a PolicyBundle from a Decision Card, infers rubric status, and plans incident remediation. Also doubles as a CLI: `npx mcp-kinetic-gain validate path/to/doc.json` auto-detects which Suite spec a JSON file belongs to and validates it against the same zod schemas the MCP tools use. No API key. No build step. Headline tools: aup_check_compliance, decision_card_validate, decision_card_to_policy_bundle, attestation_verify, suite_doc_drift, audit_chain_verify, audit_event_emit, audit_events_query, audit_chain_verify_live. Repo: https://github.com/mizcausevic-dev/mcp-kinetic-gain Suite: https://suite.kineticgain.com License: Apache-2.0