{"id":"toolsdk-ai-toolsdk-mcp-registry","name":"toolsdk-mcp-registry","homepage":"https://toolsdk.ai","repo_url":"https://github.com/toolsdk-ai/toolsdk-mcp-registry","category":"infrastructure","subcategories":[],"tags":["mcp","mcp-registry","gateway","oauth","sandbox","streamable-http","stdio-bridge","meilisearch","docker","toolsdk","ai-agent"],"what_it_does":"An open-source “MCP Registry & Gateway” that lets clients discover and execute Model Context Protocol (MCP) servers through a unified HTTP API. It supports bridging STDIO-based local MCP servers and remote Streamable HTTP servers, includes a sandboxed execution model, and provides an OAuth 2.1 proxy. It also exposes a publicly hosted registry dataset/index via JSON for programmatic discovery (data-only usage).","use_cases":["Self-host an MCP tool gateway for LLM/agent applications","Remote execution of MCP tools via a single REST-style HTTP endpoint","Expose STDIO-only MCP servers to clients that only speak Streamable HTTP","Federated search/discovery across registered MCP packages/servers","Sandboxed execution of untrusted third-party MCP servers in production"],"not_for":["Direct ad-hoc tool execution without running/staging the gateway","Environments that require strong guarantees about third-party tool safety beyond sandboxing","Use cases that need a pure MCP-native client with no HTTP translation layer"],"best_when":"You want a centralized, self-hosted gateway/registry to execute many MCP tools securely (with sandboxing) and to integrate discovery/execution into agent systems via HTTP.","avoid_when":"You cannot operate a Dockerized service (and related dependencies like search) or you need a lightweight local-only MCP client with no registry/gateway overhead.","alternatives":["Use the upstream MCP registry directly (if compatible with your needs) without a gateway","Host MCP servers individually and integrate them per-server (custom code per protocol/transport)","Build a custom MCP gateway/translator using Streamable HTTP and STDIO MCP client support","Use third-party agent tool registries/gateways with similar sandboxing capabilities"],"af_score":59.0,"security_score":57.2,"reliability_score":30.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:39:51.236815+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["TypeScript","JavaScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth 2.1 proxy (for agent integration flows)","Per-request OAuth integration via the gateway (as described in docs references)"],"oauth":true,"scopes":false,"notes":"README indicates built-in OAuth 2.1 support and a proxy. Specific auth headers/parameter names and granular scopes are not shown in the provided content."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"The repo/package appears open-source and self-hosted; no pricing tiers are stated in the provided README content."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":59.0,"security_score":57.2,"reliability_score":30.0,"mcp_server_quality":78.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":25.0,"tls_enforcement":80.0,"auth_strength":70.0,"scope_granularity":30.0,"dependency_hygiene":45.0,"secret_handling":55.0,"security_notes":"Provides sandboxed execution and an OAuth 2.1 proxy, suggesting attention to isolating third-party tools and supporting authenticated flows. However, the provided content does not specify TLS requirements, auth scope granularity, secure secret-handling practices (e.g., logging/redaction), or detailed security headers/rate limiting behavior.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":30.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tool execution is mediated by the gateway; session-based MCP over Streamable HTTP requires reusing the provided mcp-session-id header (expires after ~30 minutes).","Environment-variable passthrough for MCP tools uses x-mcp-env-* headers; agents must avoid leaking secrets into logs.","Sandbox can be disabled via configuration (MCP_SANDBOX_PROVIDER=LOCAL) which may be unsafe for untrusted tools."]}}