{"id":"ivanmurzak-mcp-plugin-dotnet","name":"MCP-Plugin-dotnet","homepage":null,"repo_url":"https://github.com/IvanMurzak/MCP-Plugin-dotnet","category":"devtools","subcategories":[],"tags":["ai","mcp","dotnet","signalr","reflection","stdio","http","unity","wpf","server-client-bridge","sdk"],"what_it_does":"Provides a bridge between MCP clients (via stdio/http) and in-process .NET apps by exposing .NET methods as MCP tools/prompts/resources. The .NET app hosts an in-app SignalR client that connects to a standalone MCP bridge server (McpPlugin.Server), which then serves MCP over stdio/http transports. Tools/prompt/resource schemas are generated from C# types using ReflectorNet, with attribute-based registration and optional fuzzy method matching.","use_cases":["Expose Unity/WPF/Game-server running state to an MCP-capable AI assistant without repeatedly spawning new processes","Build MCP-powered internal copilots that can call .NET business logic (tools) and return results/resources","Connect multiple long-lived .NET apps to a central MCP bridge for interactive workflows","Add observability via analytics webhooks and gate connections via an authorization webhook"],"not_for":["Public internet deployments without hardening the auth/network layer","Use cases requiring strict, well-defined tool-selection behavior without fuzzy matching risk","Organizations needing a fully specified REST/OpenAPI contract or SDK for non-.NET ecosystems","Teams that require explicit, documented idempotency semantics for tool calls"],"best_when":"You have a long-running .NET process (e.g., Unity Editor or desktop app) and want MCP clients to interact with that live instance through a persistent bridge and strongly-typed tool schemas.","avoid_when":"You cannot reliably secure SignalR and MCP endpoints (e.g., no TLS/auth, no allowlists, or fail-open authorization).","alternatives":["Run a separate standard MCP server subprocess (simpler lifecycle but may not work well with heavy .NET apps)","Build a native MCP server in your environment (e.g., Node/Python) that calls into your .NET services via HTTP/queues","Expose functionality through your own REST API and use an MCP bridge that wraps that API"],"af_score":58.8,"security_score":47.5,"reliability_score":41.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:40:26.098558+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://localhost:8080 (default; hub endpoint /hub/mcp-server; transport can be stdio or streamable http depending on client-transport)","has_sdk":true,"sdk_languages":["C#",".NET"],"openapi_spec_url":null,"webhooks":true},"auth":{"methods":["Bearer token (server-side 'token' / MCP_PLUGIN_TOKEN) for connecting plugins","Authorization webhook gating (webhook-authorization-url) with fail-open/fail-closed behavior","Webhook token for analytics/authorization webhooks (webhook-token) via header (webhook-header default X-Webhook-Token)"],"oauth":false,"scopes":false,"notes":"Auth is primarily described via a bearer-token requirement for connecting plugins plus optional connection authorization webhook. OAuth/scopes are not indicated."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source library (NuGet badge shown). No hosted pricing described."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":58.8,"security_score":47.5,"reliability_score":41.2,"mcp_server_quality":78.0,"documentation_accuracy":72.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":10.0,"tls_enforcement":60.0,"auth_strength":55.0,"scope_granularity":10.0,"dependency_hygiene":45.0,"secret_handling":65.0,"security_notes":"Security model appears to rely on (a) optional bearer token for plugin connections and (b) optional synchronous authorization webhook; analytics webhooks include a token and HMAC signature field description (when webhook-token configured). TLS is not explicitly mandated in docs excerpt (examples use http://localhost; production guidance mentions using HTTPS for webhook endpoints). Scope granularity for authorization is not described. Fire-and-forget analytics webhook failures are logged but not blocking.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":50.0,"error_recovery":70.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Fuzzy method matching (method name match level) can lead to unexpected tool selection if multiple similar method names exist","Tool side effects may not be idempotent; callers should consider retry safety","Transport configuration matters: client-transport=stdio vs streamableHttp impacts how the bridge accepts MCP clients","Authorization webhook may be configured fail-open; for security-sensitive deployments prefer fail-closed (fail-open=false)"]}}