# MCP Server Configuration
# This file configures the MCP servers that one-mcp will connect to
#
# Environment Variable Interpolation:
# Use ${VAR_NAME} syntax to reference environment variables
# Example: ${HOME}, ${API_KEY}, ${DATABASE_URL}
#
# Instructions:
# - config.instruction: Server's default instruction (from server documentation)
# - instruction: User override (optional, takes precedence over config.instruction)
# - config.toolBlacklist: Array of tool names to hide/block from this server
# - config.omitToolDescription: Boolean to show only tool names without descriptions (saves tokens)
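#
# Remote Configuration Sources (OPTIONAL)
# Fetch configurations from remote URLs and merge them with the local config
# according to each entry's mergeStrategy.
# Merged remote content becomes part of this configuration, so treat every remote
# source as trusted input and list only endpoints you control.
#
# SECURITY: SSRF protection is ENABLED by default
# - Only HTTPS URLs are allowed (set security.enforceHttps: false to allow HTTP)
# - Private IPs and localhost are blocked (set security.allowPrivateIPs: true for internal networks)
# - Blocked ranges: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16
# - The ranges listed above are IPv4 only. Before relying on this protection, confirm how
#   IPv6 loopback, link-local and unique-local addresses are handled, and how hostnames
#   that resolve to a private address are handled.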
# List of remote configuration sources. Every entry below is a commented-out example.
# NOTE(review): with all examples commented out this key has no value and parses as null.
# Presumably the loader treats that as "no remote configs" - confirm, or write `remoteConfigs: []`.
remoteConfigs:
# Example 1: Basic remote config with default security
# Keep the token in the environment (${AGIFLOW_API_KEY}); do not paste the literal value here.
# - url: ${AGIFLOW_URL}/api/v1/mcp-configs
# headers:
# Authorization: Bearer ${AGIFLOW_API_KEY}
# mergeStrategy: local-priority # Options: local-priority (default), remote-priority, merge-deep
#
# Example 2: Remote config with custom security settings (for internal networks)
# CAUTION: with enforceHttps: false the Authorization header below is sent in cleartext over HTTP,
# and allowPrivateIPs: true switches off the private-address block for this source. Enable each
# only for an endpoint you operate, and prefer HTTPS even on internal networks.
# - url: ${INTERNAL_URL}/mcp-configs
# headers:
# Authorization: Bearer ${INTERNAL_TOKEN}
# security:
# allowPrivateIPs: true # Allow internal IPs (default: false)
# enforceHttps: false # Allow HTTP (default: true, HTTPS only)
# mergeStrategy: local-priority
#
# Example 3: Remote config with additional validation (OPTIONAL)
# - url: ${AGIFLOW_URL}/api/v1/mcp-configs
# headers:
# Authorization: Bearer ${AGIFLOW_API_KEY}
# X-API-Key: ${AGIFLOW_API_KEY}
# security:
# enforceHttps: true # Require HTTPS (default: true)
# allowPrivateIPs: false # Block private IPs (default: false)
# validation: # OPTIONAL: Additional regex validation on top of security checks
# # The host part is limited to hostname characters on purpose: a looser pattern such as
# # ^https://.*\.agiflow\.io/.* also accepts URLs where ".agiflow.io/" only appears in the
# # path or query of a different host.
# url: ^https://([A-Za-z0-9-]+\.)+agiflow\.io/.* # OPTIONAL: Regex pattern to validate URL format
# headers: # OPTIONAL: Regex patterns to validate header values
# Authorization: ^Bearer [A-Za-z0-9_-]+$
# X-API-Key: ^[A-Za-z0-9_-]{32,}$
# mergeStrategy: local-priority
# Map of server name -> server definition.
# When the template input `mcpServers` is non-empty, one entry is rendered per server from its
# name, command and args; otherwise the static `example-server` entry below is emitted.
# Entries with `command`/`args` use the stdio transport; presumably one-mcp starts that program
# on this machine, so review every command and argument before using the generated file.
# NOTE(review): `server.name` and `server.command` are rendered unquoted, and each `arg` is placed
# inside single quotes without escaping. A value containing `: `, ` #`, a newline or `'` would
# change the structure of the generated YAML. Validate these values before rendering, or emit
# them through the template engine's escaping filter (confirm which engine renders this file).
mcpServers:
{%- if mcpServers %}{% for server in mcpServers %}
{{ server.name }}:
command: {{ server.command }}
args:{% for arg in server.args %}
- '{{ arg }}'{% endfor %}
# env:
# LOG_LEVEL: info
# # API_KEY: ${MY_API_KEY}
# config:
# instruction: Use this server for...
# # toolBlacklist:
# # - tool_to_block
# # omitToolDescription: true
{% endfor %}
# Example MCP server using SSE transport
# Use an https:// URL so the Authorization header is not sent in cleartext.
# remote-server:
# url: https://example.com/mcp
# type: sse
# headers:
# Authorization: Bearer ${API_KEY}
# config:
# instruction: This server provides tools for...
{% else %}
# Example MCP server using stdio transport
example-server:
command: node
args:
- /path/to/mcp-server/build/index.js
env:
# Environment variables for the MCP server
LOG_LEVEL: info
# You can use environment variable interpolation:
# (keeps secrets out of this file; reference them instead of writing the literal value)
# DATABASE_URL: ${DATABASE_URL}
# API_KEY: ${MY_API_KEY}
config:
# Server's default instruction (from server documentation)
instruction: Use this server for...
# Optional: Block specific tools from being listed or executed
# (deny-list by tool name: presumably any tool not listed here stays available - confirm)
# toolBlacklist:
# - dangerous_tool_name
# - another_blocked_tool
# Optional: Omit tool descriptions to save tokens (default: false)
# omitToolDescription: true
# instruction: Optional user override - takes precedence over config.instruction
# Example MCP server using SSE transport with environment variables
# Use an https:// URL so the Authorization header is not sent in cleartext.
# remote-server:
# url: https://example.com/mcp
# type: sse
# headers:
# # Use ${VAR_NAME} to interpolate environment variables
# Authorization: Bearer ${API_KEY}
# config:
# instruction: This server provides tools for...
# # Optional: Block specific tools from being listed or executed
# # toolBlacklist:
# # - tool_to_block
# # Optional: Omit tool descriptions to save tokens (default: false)
# # omitToolDescription: true
# # instruction: Optional user override
{% endif %}