Automatically rewrites Bitbucket URLs to their raw content versions to extract clean, readable text from code repositories.
Automatically rewrites GitHub and Gist URLs to their raw content versions to extract clean, readable text from code repositories.
Automatically rewrites GitLab URLs to their raw content versions to extract clean, readable text from code repositories.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@superFetch MCP Serverfetch and clean the content from https://www.wired.com/story/ai-chip-wars/"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
superFetch MCP Server
One-Click Install
A Model Context Protocol (MCP) server that fetches web pages, extracts readable content with Mozilla Readability, and returns AI-friendly Markdown.
Built for AI workflows that need clean text, stable metadata, and safe-by-default fetching.
Great for: LLM summarization, context retrieval, knowledge base ingestion, and AI agents.
| Quick Start | Tool | Resources | Configuration | Security | Development |
This server can access URLs on behalf of AI assistants. Built-in SSRF protection blocks private IP ranges and cloud metadata endpoints, but exercise caution when deploying in sensitive environments.
Features
Cleaner outputs for LLMs: Readability extraction with quality gates (content ratio + heading retention ≥ 70%)
Markdown that’s easy to consume: metadata footer for HTML + configurable source injection for raw Markdown (markdown or frontmatter)
Handles “raw content” sources: preserves markdown/text; rewrites GitHub/GitLab/Bitbucket/Gist URLs to raw
Works for both local and hosted setups:
Stdio mode: best for MCP clients (VS Code / Claude Desktop / Cursor)
HTTP mode: best for self-hosting (auth, sessions, rate limiting, Host/Origin validation)
Fast and resilient: redirect validation, timeouts, and response size limits
Security-first defaults: URL validation + SSRF/DNS/IP blocklists (blocks private ranges and cloud metadata endpoints)
You get, in one tool call:
Clean, readable Markdown from any public URL (docs, articles, blogs, wikis)
If you’re comparing “just call fetch()” vs superFetch: superFetch focuses on extracting the main content in a readble format for LLMs and even humans, when requested url is fetched it returns clean structured markdown that can also be saved as a resource for later use.
What it is (and isn’t)
It is a content extraction tool: focuses on extracting readable content, not screenshots or full-page data.
It is an MCP server: integrates with any MCP-compatible client (Claude Desktop, VS Code, Cursor, Cline, Windsurf, Codex, etc).
It isn’t a general web scraper: it extracts main content, not all page elements.
It isn’t a browser: it doesn’t execute JavaScript or render pages.
It’s opinionated on safety: blocks private/internal URLs and cloud metadata endpoints by default.
Quick Start
Recommended: use stdio mode with your MCP client (no HTTP server).
Try it in 60 seconds
Add the MCP server config (below)
Restart your MCP client
Call the
fetch-urltool with any public URL
What the tool returns
You’ll get structuredContent with url, resolvedUrl, optional title, and markdown (plus a superfetch://cache/... resource link when cache is enabled and content is large).
Claude Desktop
Add to your claude_desktop_config.json:
VS Code
Add to .vscode/mcp.json in your workspace:
With Custom Configuration
Add environment variables in your MCP client config under env.
See Configuration or CONFIGURATION.md for all available options and presets.
Example output (trimmed)
Tip (Windows): If you encounter issues, try:
cmd /c "npx -y @j0hanz/superfetch@latest --stdio"
Cursor
Open Cursor Settings
Go to Features > MCP Servers
Click "+ Add new global MCP server"
Add this configuration:
Add to your ~/.codex/config.toml file:
Basic Configuration:
With Environment Variables: See CONFIGURATION.md for examples.
Access config file: Click the gear icon -> "Codex Settings > Open config.toml"
Documentation: Codex MCP Guide
Open the Cline MCP settings file:
macOS:
Windows:
Add the configuration:
Add to ./codeium/windsurf/model_config.json:
macOS:
Windows:
Use cases
1) Turn a docs page into “LLM-ready” Markdown
Call
fetch-urlwith the docs URLFeed the returned
markdowninto your summarizer / chunkerUse the metadata footer fields (especially Original Source) for citations
2) Fetch a GitHub/GitLab/Bitbucket file as raw markdown
Pass the normal “web UI” URL to
fetch-urlsuperFetch will rewrite it to the raw content URL when possible
This avoids navigation UI and reduces boilerplate
3) Large pages: keep responses stable with cache resources
When content is large, the tool can include a
superfetch://cache/...resource linkIn MCP clients that support resources, you can read the full content via the resource URI
In HTTP mode, you can also download cached content via
/mcp/downloads/:namespace/:hashwhen cache is enabled
4) Safe-by-default web access for agents
superFetch blocks private IP ranges and common cloud metadata endpoints
If your agent needs internal access, this is intentionally not supported by default (see Security)
Installation (Alternative)
Global Installation
From Source
Running the Server
HTTP mode requires authentication. By default it binds to 127.0.0.1. Non-loopback HOST values require ALLOW_REMOTE=true. To listen on all interfaces, set HOST=0.0.0.0 or HOST=::, set ALLOW_REMOTE=true, and configure OAuth (remote bindings require OAuth).
Windows (PowerShell):
For multiple static tokens, set ACCESS_TOKENS (comma/space separated).
Auth is required for /mcp and /mcp/downloads via Authorization: Bearer <token> (static mode also accepts X-API-Key).
Endpoints:
GET /health(no auth; returns status, name, version, uptime)POST /mcp(auth required)GET /mcp(auth required; SSE stream; requiresAccept: text/event-stream)DELETE /mcp(auth required)GET /mcp/downloads/:namespace/:hash(auth required)
Sessions are managed via the mcp-session-id header (see HTTP Mode Details).
Available Tools
Tool Response Notes
The tool returns structuredContent with url, inputUrl, resolvedUrl, optional title, and markdown when inline content is available. resolvedUrl may differ from inputUrl when the URL is rewritten to raw content (GitHub/GitLab/Bitbucket/Gist). On errors, error is included instead of content.
The response includes:
a
textblock containing JSON ofstructuredContenta
resourceblock embedding markdown when inline content is available (stdio always embeds full markdown; HTTP embeds inline markdown when it fits or when truncated)when content exceeds the inline limit and cache is enabled, a
resource_linkblock pointing tosuperfetch://cache/...(stdio mode still embeds full markdown; HTTP mode omits embedded markdown)error responses set
isError: trueand returnstructuredContentwitherrorandurl
fetch-url
Fetches a webpage and converts it to clean Markdown format with a metadata footer for HTML (raw markdown is preserved with source injection).
Parameter | Type | Default | Description |
| string | required | URL to fetch |
Example
Error response:
Large Content Handling
Inline markdown is capped at 20,000 characters (
maxInlineContentChars).Stdio mode: full markdown is embedded as a
resourceblock; if cache is enabled and content exceeds the inline limit, aresource_linkis still included.HTTP mode: if content exceeds the inline limit and cache is enabled, the response includes a
resource_linktosuperfetch://cache/...and omits embedded markdown. If cache is disabled, the inline markdown is truncated with...[truncated].Upstream fetch size is capped at 10 MB of HTML; larger responses fail.
Resources
URI | Description |
| Cached content entry ( |
Resource listings enumerate cached entries, and subscriptions notify clients when cache entries update.
Download Endpoint (HTTP Mode)
When running in HTTP mode, cached content can be downloaded directly. Downloads are available only when cache is enabled.
Endpoint
namespace:markdownAuth required (
Authorization: Bearer <token>; in static token mode,X-API-Keyis accepted)
Response Headers
Header | Value |
|
|
|
|
|
|
Example Usage
Error Responses
Status | Code | Description |
400 |
| Invalid namespace or hash format |
404 |
| Content not found or expired |
503 |
| Download service disabled |
Configuration
Set environment variables in your MCP client env or in the shell before starting the server.
Core Server Settings
Variable | Default | Description |
|
| HTTP bind address |
|
| HTTP server port (1024-65535) |
|
| User-Agent header for outgoing requests |
|
| Enable response caching |
|
| Cache TTL in seconds (60-86400) |
|
| Logging level ( |
|
| Allow non-loopback binds (OAuth required) |
| (empty) | Additional allowed Host/Origin values |
|
| Worker transform timeout in ms (5000-120000) |
|
| Overall tool timeout in ms (1000-300000) |
|
| Raw markdown metadata format ( |
For HTTP server tuning (SERVER_HEADERS_TIMEOUT_MS, SERVER_REQUEST_TIMEOUT_MS, SERVER_KEEP_ALIVE_TIMEOUT_MS, SERVER_SHUTDOWN_CLOSE_IDLE, SERVER_SHUTDOWN_CLOSE_ALL), see CONFIGURATION.md.
Auth (HTTP Mode)
Variable | Default | Description |
| auto |
|
| (empty) | Comma/space-separated static bearer tokens |
| (empty) | Adds a static bearer token and enables |
Static mode requires at least one token (ACCESS_TOKENS or API_KEY).
OAuth (HTTP Mode)
Required when AUTH_MODE=oauth (or auto-selected by presence of OAuth URLs):
Variable | Default | Description |
| - | OAuth issuer |
| - | Authorization endpoint |
| - | Token endpoint |
| - | Introspection endpoint |
Optional:
Variable | Default | Description |
| - | Revocation endpoint |
| - | Dynamic client registration endpoint |
|
| Protected resource URL |
| (empty) | Required scopes (comma/space separated) |
| - | Client ID for introspection |
| - | Client secret for introspection |
|
| Introspection timeout (1000-30000) |
Fixed Limits (Not Configurable via env)
Fetch timeout: 15 seconds
Max redirects: 5
Max HTML response size: 10 MB
Inline markdown limit: 20,000 characters
Cache max entries: 100
Session TTL: 30 minutes
Session init timeout: 10 seconds
Max sessions: 200
Rate limit: 100 req/min per IP (60s window)
See CONFIGURATION.md for preset examples and quick-start snippets.
HTTP Mode Details
HTTP mode uses the MCP Streamable HTTP transport. The workflow is:
POST /mcpwith aninitializerequest and nomcp-session-idheader.The server returns
mcp-session-idin the response headers.Use that header for subsequent
POST /mcp,GET /mcp, andDELETE /mcprequests.
If the mcp-protocol-version header is missing, the server rejects the request. Only mcp-protocol-version: 2025-11-25 is supported.
GET /mcp and DELETE /mcp require mcp-session-id. POST /mcp without an initialize request will return 400.
Additional HTTP transport notes:
POST /mcpshould advertiseAccept: application/json, text/event-stream(the server normalizes missing or*/*Accept headers).GET /mcprequiresAccept: text/event-stream(otherwise 406).JSON-RPC batch requests are not supported (400).
If the server reaches its session cap (200), it evicts the oldest session when possible; otherwise it returns a 503.
Host and Origin headers are always validated. Allowed values include loopback hosts, the configured HOST (if not a wildcard), and any entries in ALLOWED_HOSTS. When binding to 0.0.0.0 or ::, set ALLOWED_HOSTS to the hostnames clients will send.
Security
SSRF Protection
Blocked destinations include:
Loopback and unspecified addresses (
127.0.0.0/8,::1,0.0.0.0,::)Private/ULA ranges (
10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,fc00::/7)Link-local and shared address space (
169.254.0.0/16,100.64.0.0/10,fe80::/10)Multicast/reserved ranges (
224.0.0.0/4,240.0.0.0/4,ff00::/8)IPv6 transition ranges (
64:ff9b::/96,64:ff9b:1::/48,2001::/32,2002::/16)Cloud metadata endpoints (AWS/GCP/Azure/Alibaba) like
169.254.169.254,metadata.google.internal,metadata.azure.com,100.100.100.200,instance-dataInternal suffixes such as
.localand.internal
DNS resolution is performed and blocked if any resolved IP matches a blocked range.
URL Validation
Only
httpandhttpsURLsNo embedded credentials in URLs
Max URL length: 2048 characters
Hostnames ending in
.localor.internalare rejected
Host/Origin Validation (HTTP Mode)
Host header must match loopback, configured
HOST(if not a wildcard), orALLOWED_HOSTSOrigin header (when present) is validated against the same allow-list
Rate Limiting
Rate limiting applies to /mcp and /mcp/downloads (100 req/min per IP, 60s window). OPTIONS requests are not rate-limited.
Development
Scripts
Command | Description |
| Development server with hot reload |
| Compile TypeScript |
| Production server |
| Run ESLint |
| Auto-fix lint issues |
| TypeScript type checking |
| Format with Prettier |
| Run Node test runner (builds dist) |
| Run tests with experimental coverage |
| Find unused exports/dependencies |
| Auto-fix unused code |
| Launch MCP Inspector |
Note: Tests run via
node --testwith--experimental-transform-typesto execute.tstest files. Node will emit an experimental warning.
Tech Stack
Category | Technology |
Runtime | Node.js >=20.18.1 |
Language | TypeScript 5.9 |
MCP SDK | @modelcontextprotocol/sdk ^1.25.2 |
Content Extraction | @mozilla/readability ^0.6.0 |
HTML Parsing | linkedom ^0.18.12 |
Markdown | node-html-markdown ^2.0.0 |
HTTP | Express ^5.2.1, undici ^7.18.2 |
Validation | Zod ^4.3.5 |
Contributing
Fork the repository
Create a feature branch:
git checkout -b feature/amazing-featureEnsure linting passes:
npm run lintRun tests:
npm testCommit changes:
git commit -m 'Add amazing feature'Push:
git push origin feature/amazing-featureOpen a Pull Request
For examples of other MCP servers, see: github.com/modelcontextprotocol/servers