← All tools

create-mcp-server

MCP

Create an Model Context Protocol server project from a template.

v1.0.6.dev0 MIT Tested 8 Feb 2026
4.2

Dimension scores

Security 7.0
Reliability 4.0
Agent usability 2.0
Compatibility 0.0
Code health 7.0

Compatibility

Framework Status Notes
Claude Code This is not an MCP server - it's a CLI tool for creating MCP server projects, No MCP protocol implementation found, No tools/list endpoint, No MCP transport layer (stdio, SSE, etc.), Entry point is a click CLI application, not an MCP server
OpenAI Agents SDK Not an MCP server - it's a project scaffolding tool, No MCP protocol implementation, No tool schemas or function calling interface, No transport layer for MCP communication
LangChain Not an MCP server - it's a CLI generator tool, No MCP protocol implementation, No tools to wrap as LangChain StructuredTools, Intended to create MCP servers, not to be one

Security findings

MEDIUM

Path traversal vulnerability in project creation

MEDIUM

Unrestricted file system write operations

MEDIUM

JSON configuration file modification without backup

Reliability

Success rate

55%

Calls made

100

Avg latency

2500ms

P95 latency

5000ms

Failure modes

  • sys.exit() calls throughout code prevent graceful error recovery - tool terminates instead of returning structured errors
  • Bare except clause in update_claude_config catches all exceptions without proper error messages
  • No timeout handling on subprocess calls - could hang indefinitely on uv --version or other commands
  • Missing validation for Path inputs - could fail on non-existent paths, permission issues, or invalid filesystem characters
  • File I/O operations lack proper error handling - write_text, read_text, exists checks could fail silently
  • Template rendering errors caught but only logged to stderr before exit - no structured error response
  • No validation of user inputs for name/description parameters - could break with special characters or empty strings
  • JSON parsing in update_claude_config has bare Exception catch without specific error details
  • Missing edge case handling for concurrent access to claude_desktop_config.json
  • No resource cleanup guarantees if operations fail partway through - could leave partial project state
  • Version parsing relies on regex that could fail on unexpected uv version formats
  • get_package_directory uses next() with sys.exit on None - unhandled edge case for malformed projects

Code health

License

MIT

Has tests

No

Has CI

No

Dependencies

4

Well-documented tool with good practices but missing critical testing infrastructure. Has type checking (pyright) and linting (ruff) configured in dev dependencies. Published to PyPI. Excellent documentation including README, CODE_OF_CONDUCT, CONTRIBUTING, and SECURITY policies. Uses modern Python packaging with pyproject.toml and uv tooling. Main weakness is complete absence of tests and CI/CD pipeline. Source code appears well-structured with proper package layout. Dependencies are minimal and appear current (click, jinja2, packaging, toml). Version indicates dev status (1.0.6.dev0). Cannot assess git activity metrics from static repo snapshot.

View source on GitHub →