{"id":"phughesmcr-deno-mcp-template","name":"deno-mcp-template","homepage":"https://jsr.io/@phughesmcr/deno-mcp-template","repo_url":"https://github.com/phughesmcr/deno-mcp-template","category":"devtools","subcategories":[],"tags":["mcp","deno","typescript","server-template","stdio-transport","http-transport","sandbox","kv","devtools","dxt","deno-deploy"],"what_it_does":"A template for building production-ready MCP servers in TypeScript with Deno, providing both STDIO and HTTP transports, middleware (rate limiting/CORS/security headers/timeouts), persistent state via Deno KV, session resumability, sandboxed execution utilities, example MCP tools/resources/prompts, and CI/CD plus multiple distribution formats (JSR, native binary, DXT, Deno Deploy).","use_cases":["Bootstrapping a new MCP server quickly (STDIO for desktop clients, HTTP for remote clients)","Building tool/resource/prompt based integrations with persistent KV-backed state","Adding sandboxed tool execution for untrusted code paths","Providing URL-mode and session-based flows for interactive elicitation (browser pages via HTTP paths)","Packaging and deploying the same server across JSR, binaries, DXT, and Deno Deploy"],"not_for":["A drop-in managed hosted MCP API (this is an application/template you run/deploy)","Production use without configuring security settings (auth, allowed origins/hosts, and transport exposure)","Systems needing strong enterprise compliance guarantees out-of-the-box (template includes guidance but not evidence of audits)"],"best_when":"You want a reusable Deno-based codebase scaffold that already wires together MCP transports, state, and safety-related middleware, and you plan to customize the provided example tools/resources/prompts.","avoid_when":"You cannot enforce HTTPS/auth at the deployment layer or you lack the operational ability to configure allowed hosts/origins, reverse proxy behavior, and Deno permissions appropriately.","alternatives":["Build an MCP server directly with Deno + an MCP library (custom architecture)","Use other language/runtime MCP server templates (Node/Go/Python) if you prefer different ecosystems","Standalone MCP server frameworks with prebuilt SDKs and OpenAPI specs (if you require a fully described HTTP API)"],"af_score":66.8,"security_score":64.0,"reliability_score":35.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:28:58.875602+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["HTTP Bearer token (Authorization: Bearer ...)","x-api-key header"],"oauth":false,"scopes":false,"notes":"HTTP auth is optional by configuration; template includes a startup failure mode when MCP_REQUIRE_HTTP_AUTH=true is set and no token is provided. It also intentionally skips bearer auth for /mcp-elicitation/* routes."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing model is described for the template itself; costs depend on how you deploy and run the resulting server (local/VM/Deploy)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":66.8,"security_score":64.0,"reliability_score":35.0,"mcp_server_quality":80.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":70.0,"tls_enforcement":85.0,"auth_strength":75.0,"scope_granularity":20.0,"dependency_hygiene":55.0,"secret_handling":80.0,"security_notes":"Template includes HTTPS/TLS options, bearer token or x-api-key auth for /mcp, CORS restrictions (no wildcard), DNS rebinding/host allow-list guidance for non-loopback exposure, and rate limiting with proxy-aware behavior. It also provides sandboxed execution utilities and fetch-website-info URL allowlisting to reduce SSRF risk. Scope granularity appears coarse (single token for access rather than fine-grained scopes). Dependency hygiene cannot be verified from the provided README alone.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":30.0,"error_recovery":55.0,"idempotency_support":"false","idempotency_notes":"Not evidenced in the provided README; template mentions rate limiting, sessions, and resumability but does not explicitly document idempotency semantics for tool execution.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["HTTP auth may be required in production via MCP_REQUIRE_HTTP_AUTH; agents should ensure headers/tokens are configured.","Requests to /mcp-elicitation/* may intentionally bypass bearer auth, which can be a security consideration for exposing the service broadly.","If binding to non-loopback interfaces, additional DNS rebinding/host allow-list settings are required (MCP_ALLOWED_HOSTS/MCP_DNS_REBINDING).","Outbound/in-tool networking may require explicit Deno permissions; the README warns about moving from -A to explicit permissions."]}}