{"id":51293170,"url":"https://github.com/garvae/mcp-mcphub","last_synced_at":"2026-06-30T12:03:45.274Z","repository":{"id":365850375,"uuid":"1273726014","full_name":"garvae/mcp-mcphub","owner":"garvae","description":"MCP server for managing MCPHub instances through the MCPHub REST Management API","archived":false,"fork":false,"pushed_at":"2026-06-29T08:27:52.000Z","size":639,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-29T10:19:10.918Z","etag":null,"topics":["ai-agents","automation","mcp","mcp-management","mcp-server","mcphub","model-context-protocol","nodejs","openapi","self-hosted","stdio","streamable-http","typescript"],"latest_commit_sha":null,"homepage":"https://github.com/garvae/mcp-mcphub","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/garvae.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"github":"garvae","ko_fi":"garvae"}},"created_at":"2026-06-18T20:12:20.000Z","updated_at":"2026-06-19T09:38:40.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/garvae/mcp-mcphub","commit_stats":null,"previous_names":["garvae/mcp-mcphub"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/garvae/mcp-mcphub","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garvae%2Fmcp-mcphub","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garvae%2Fmcp-mcphub/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garvae%2Fmcp-mcphub/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garvae%2Fmcp-mcphub/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/garvae","download_url":"https://codeload.github.com/garvae/mcp-mcphub/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garvae%2Fmcp-mcphub/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34965647,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-30T02:00:05.919Z","response_time":92,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","automation","mcp","mcp-management","mcp-server","mcphub","model-context-protocol","nodejs","openapi","self-hosted","stdio","streamable-http","typescript"],"created_at":"2026-06-30T12:03:43.957Z","updated_at":"2026-06-30T12:03:45.199Z","avatar_url":"https://github.com/garvae.png","language":"TypeScript","funding_links":["https://github.com/sponsors/garvae","https://ko-fi.com/garvae"],"categories":[],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable MD033 MD041 --\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./assets/readme/hero.svg\" alt=\"MCPHub Management MCP: typed, profile-gated MCP tools for managing MCPHub through the REST Management API\" /\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eMCPHub Management MCP\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  Typed, profile-gated MCP tools for managing MCPHub instances through the REST Management API.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#quick-start\"\u003eQuick Start\u003c/a\u003e\n  ·\n  \u003ca href=\"https://github.com/samanhappy/mcphub\"\u003eMCPHub\u003c/a\u003e\n  ·\n  \u003ca href=\"https://docs.mcphub.app/\"\u003eMCPHub Docs\u003c/a\u003e\n  ·\n  \u003ca href=\"./docs/tools.md\"\u003eTools\u003c/a\u003e\n  ·\n  \u003ca href=\"./docs/security.md\"\u003eSecurity\u003c/a\u003e\n  ·\n  \u003ca href=\"./CONTRIBUTING.md\"\u003eContribute\u003c/a\u003e\n\u003c/p\u003e\n\u003c!-- markdownlint-enable MD033 MD041 --\u003e\n\n[![License: Apache-2.0](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](./LICENSE)\n[![Node.js 22.13%2B](https://img.shields.io/badge/node-22.13%2B-339933.svg)](./package.json)\n[![npm version](https://img.shields.io/npm/v/@garvae/mcp-mcphub.svg)](https://www.npmjs.com/package/@garvae/mcp-mcphub)\n\n`@garvae/mcp-mcphub` turns [MCPHub][mcphub]'s REST Management API into typed, profile-gated MCP tools, so agents and operators can inspect, operate, and maintain MCPHub without hand-written REST calls.\n\nMCPHub is the upstream hub this package manages; see the [MCPHub docs][mcphub-docs], [API reference][mcphub-api], and [CLI docs][mcphub-cli].\n\nUse it when you want Claude, Codex, CI, or internal automation to manage MCPHub through MCP-native tools while keeping dangerous operations behind profiles, confirmations, and feature flags.\n\nIt is an independent, unofficial, community-maintained package. It manages MCPHub itself. It does not replace MCPHub, and it does not replace MCPHub's downstream `/mcp` gateway endpoints.\n\n## At a Glance\n\n| Capability              | What it means                                                 |\n| ----------------------- | ------------------------------------------------------------- |\n| Typed MCP tools         | MCPHub management APIs exposed as structured `mcphub_*` tools |\n| Profile-gated access    | `safe`, `ops`, `admin`, `all` surfaces                        |\n| Agent-friendly catalogs | generated Markdown and JSON tool catalogs                     |\n| Route coverage          | MCPHub API coverage matrix and drift checks                   |\n| Safe defaults           | redaction, confirmations, dangerous feature flags off         |\n| npm-first               | local `npx` / `stdio` by default                              |\n\n## Quick Start\n\nThis example shows the smallest local setup: one MCP client launches this package over `stdio` with the `safe` exposure profile.\n\nFor HTTP mode, Docker/self-build deployments, shared gateways, or MCP manager setups, see [runtime modes][runtime-modes], [Streamable HTTP][http-docs], and [shared gateway integration][managed-gateway].\n\n### 1. Start with a running MCPHub instance\n\nYou need a running [MCPHub][mcphub] instance first. This package manages MCPHub; it does not install or replace MCPHub.\n\nUse your MCPHub base URL as `MCPHUB_URL`, for example `https://mcphub-site.com`. If you are still setting up MCPHub itself, start with the [upstream docs][mcphub-docs] or the [upstream repository][mcphub].\n\n### 2. Create an MCPHub management credential\n\nCreate a management credential in MCPHub. For unattended local or CI usage, the recommended first credential is a system-level bearer key with management access.\n\nUpstream MCPHub CLI example:\n\n```bash\nmcphub login --url https://mcphub-site.com --username admin\nmcphub keys create --name mcp-mcphub --access-type all\n```\n\nCopy the generated token when MCPHub prints it. Use that token as `MCPHUB_TOKEN`.\n\nIf your deployment uses another auth flow, see [auth modes][auth-modes], [getting started][getting-started], and the [upstream CLI docs][mcphub-cli].\n\n### 3. Put the variables where your client can read them\n\nSet these values either:\n\n- in your shell before running the CLI;\n- in a local `.env` file;\n- directly in your MCP client config;\n- in your MCP manager or shared gateway environment.\n\nThe shell examples below are only one option. See [minimal config][minimal-config], [full configuration][configuration], and [managed gateway integration][managed-gateway].\n\nExample shell setup:\n\n### Bash\n\n```bash\nexport MCPHUB_URL=\"https://mcphub-site.com\"\nexport MCPHUB_TOKEN=\"REPLACE_ME\"\n\nnpx @garvae/mcp-mcphub doctor\nnpx @garvae/mcp-mcphub stdio --exposure=safe\n```\n\n### PowerShell\n\n```powershell\n$env:MCPHUB_URL = \"https://mcphub-site.com\"\n$env:MCPHUB_TOKEN = \"REPLACE_ME\"\n\nnpx @garvae/mcp-mcphub doctor\nnpx @garvae/mcp-mcphub stdio --exposure=safe\n```\n\nExample local `.env` for `stdio`:\n\n```dotenv\nMCPHUB_URL=https://mcphub-site.com\nMCPHUB_TOKEN=REPLACE_ME\n```\n\n### 4. Run doctor before connecting the client\n\nRun `doctor` first to verify that config loads, MCPHub is reachable, and the management credential is accepted. Use `doctor --json` when you need machine-readable diagnostics or CI-friendly output.\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./assets/readme/doctor-demo.svg\" alt=\"Illustrative doctor command preview showing runtime checks, upstream reachability, credentials, exposure profile, and redaction-sensitive diagnostics\" /\u003e\n\u003c/p\u003e\n\u003c!-- markdownlint-enable MD033 --\u003e\n\nThe preview is illustrative. For troubleshooting details, see [troubleshooting][troubleshooting] and [getting started][getting-started].\n\n### 5. Connect one local MCP client over `stdio`\n\nFor one local client, `stdio` is the smallest setup: no HTTP listener, no reverse proxy, and no inbound MCP token.\n\nClaude Desktop / Claude Code style example:\n\n```json\n{\n  \"mcpServers\": {\n    \"mcphub-safe\": {\n      \"type\": \"stdio\",\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@garvae/mcp-mcphub\", \"stdio\", \"--exposure=safe\"],\n      \"env\": {\n        \"MCPHUB_URL\": \"https://mcphub-site.com\",\n        \"MCPHUB_TOKEN\": \"REPLACE_ME\"\n      }\n    }\n  }\n}\n```\n\nSee [stdio mode][stdio-docs], [getting started][getting-started], and [runtime modes][runtime-modes].\n\nUsing HTTP instead of `stdio`? You will also need an inbound MCP token such as `MCP_HTTP_AUTH_TOKEN`. See [Streamable HTTP][http-docs].\n\nHTTP-only addition:\n\n```dotenv\nMCP_HTTP_AUTH_TOKEN=REPLACE_ME_SAFE_TOKEN\n```\n\n`MCP_HTTP_AUTH_TOKEN` and `MCP_HTTP_AUTH_TOKENS_JSON` are only for HTTP mode. They are not required for normal local `stdio`.\n\n## What This Is\n\n- Typed MCP tools for MCPHub management\n- CLI-first runtime with `stdio` and Streamable HTTP transports\n- Exposure-profile filtering for safer agent access\n- Structured schemas, confirmations, and redaction defaults\n\n## What This Is Not\n\n- Not official MCPHub\n- Not MCPHub itself\n- Not a replacement for downstream `/mcp` gateway endpoints\n- Not a generic arbitrary HTTP proxy\n- Not a replacement for MCPHub UI, CLI, or deployment tooling\n\n## How It Fits\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./assets/readme/architecture.svg\" alt=\"Architecture diagram: MCP clients connect through stdio or Streamable HTTP to mcp-mcphub, which filters tools by profile and calls the MCPHub REST Management API\" /\u003e\n\u003c/p\u003e\n\u003c!-- markdownlint-enable MD033 --\u003e\n\nClients connect to this package through `stdio` or Streamable HTTP, depending on whether they run locally or through a shared service. The package exposes typed `mcphub_*` tools instead of raw HTTP calls, so schemas, confirmations, and redaction rules stay consistent across clients. Exposure profiles decide which tools are actually available at runtime. Upstream operations are executed through the MCPHub REST Management API.\n\n## Why Use It\n\n- Let Claude, Codex, CI, or trusted automation manage MCPHub through MCP tools\n- Avoid ad-hoc REST calls and client-specific wrappers\n- Work with typed schemas instead of free-form request payloads\n- Start with `safe`, then raise exposure only when needed\n- Keep destructive surfaces behind confirmations and feature flags\n- Use generated tool catalogs and route coverage exports for static analysis\n\n## Common Use Cases\n\n- Inspect MCPHub health, config, servers, groups, logs, and activity.\n- Let an AI coding agent list available MCPHub servers and explain the current setup.\n- Reload or toggle servers through an `ops` profile without exposing full admin tools.\n- Manage groups, prompts, resources, and server definitions through trusted admin workflows.\n- Compare MCPHub route coverage against upstream changes.\n- Generate AI-readable tool catalogs for static planning and reviews.\n\n## Requirements\n\n- Node.js `22.13+` (Node 22 LTS baseline; Node 24 also supported)\n- A reachable MCPHub instance\n- An MCPHub management credential\n- Recommended first credential: a system-level bearer key with suitable management access\n- `pnpm` is required for development, not for normal `npx` usage\n\n## Official MCPHub Links\n\n- Official repository: [samanhappy/mcphub][mcphub]\n- Official documentation: [docs.mcphub.app][mcphub-docs]\n- Official API reference: [docs.mcphub.app/api-reference/introduction][mcphub-api]\n- Official AI-readable docs index: [docs.mcphub.app/llms.txt][mcphub-llms]\n- Official CLI and key-management examples: [MCPHub CLI docs][mcphub-cli]\n\n## Token Model\n\n- `MCPHUB_TOKEN` authenticates this package to upstream MCPHub\n- `MCP_HTTP_AUTH_TOKEN` or `MCP_HTTP_AUTH_TOKENS_JSON` authenticates inbound HTTP MCP clients to this package\n- `MCP_HTTP_*` auth tokens are local to this package and are needed only for HTTP mode\n\nFor manual upstream bearer validation, prefer a normal management endpoint such as `GET /api/servers`. Do not use `GET /api/auth/keys` as the first bearer smoke check on older MCPHub versions.\n\n## Client Examples\n\n### Claude Desktop / Claude Code style `stdio`\n\n```json\n{\n  \"mcpServers\": {\n    \"mcphub-safe\": {\n      \"type\": \"stdio\",\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@garvae/mcp-mcphub\", \"stdio\", \"--exposure=safe\"],\n      \"env\": {\n        \"MCPHUB_URL\": \"https://mcphub-site.com\",\n        \"MCPHUB_TOKEN\": \"REPLACE_ME\"\n      }\n    }\n  }\n}\n```\n\n### Codex TOML\n\n```toml\n[mcp_servers.mcphub_safe]\ncommand = \"npx\"\nargs = [\"-y\", \"@garvae/mcp-mcphub\", \"stdio\", \"--exposure=safe\"]\nenv_vars = [\"MCPHUB_URL\", \"MCPHUB_TOKEN\"]\nstartup_timeout_sec = 20\ntool_timeout_sec = 90\nenabled = true\n```\n\n### Short HTTP example\n\n```bash\nexport MCPHUB_URL=\"https://mcphub-site.com\"\nexport MCPHUB_TOKEN=\"REPLACE_ME\"\nexport MCP_HTTP_AUTH_TOKEN=\"REPLACE_ME_SAFE_TOKEN\"\n\nnpx @garvae/mcp-mcphub http\n```\n\nSee [Streamable HTTP][http-docs] for full HTTP configuration, reverse-proxy guidance, and client auth mapping.\n\n## Runtime Modes\n\n- `stdio`: best default for local MCP clients\n- Streamable HTTP: for shared internal services, CI, reverse proxies, and long-running deployments\n- Docker: optional self-build only\n\nDocker is optional. The official distribution channel is npm; Docker examples are provided for users who want to build and run their own container image.\n\n## Exposure Profiles\n\n| Profile | Intended use                         | Notes            |\n| ------- | ------------------------------------ | ---------------- |\n| `safe`  | read-only diagnostics and inventory  | start here       |\n| `ops`   | reversible operational changes       | includes `safe`  |\n| `admin` | administrative CRUD                  | includes `ops`   |\n| `all`   | maximum supported management surface | includes `admin` |\n\nUse the smallest profile that works. Dangerous feature-flagged surfaces stay disabled by default. Runtime `tools/list` is the final source of truth for what a client can actually access.\n\n## Supported Areas\n\n| Area                             | Coverage examples                                             |\n| -------------------------------- | ------------------------------------------------------------- |\n| Platform and health              | health checks, public config, runtime config                  |\n| Inventory and diagnostics        | servers, groups, discovery, logs, activity                    |\n| Servers                          | server CRUD, reloads, toggles, descriptions                   |\n| Groups                           | group CRUD and membership                                     |\n| Logs and activity                | operational visibility and summaries                          |\n| Auth and identity                | current user, bearer keys, OAuth clients, user management     |\n| Templates and config             | settings snapshots, templates, system config                  |\n| Market, cloud, registry, OpenAPI | where upstream management routes are supported and classified |\n\n## Tool Catalogs and API Coverage\n\n- Curated overview: [docs/tools.md][tools-docs]\n- Generated catalog index: [docs/generated/README.md][generated-catalogs]\n- `safe` catalog: [docs/generated/tools.safe.md](./docs/generated/tools.safe.md)\n- `ops` catalog: [docs/generated/tools.ops.md](./docs/generated/tools.ops.md)\n- `admin` catalog: [docs/generated/tools.admin.md](./docs/generated/tools.admin.md)\n- `all` catalog: [docs/generated/tools.all.md](./docs/generated/tools.all.md)\n- Generated JSON catalogs:\n  - [docs/generated/tools.safe.json](./docs/generated/tools.safe.json)\n  - [docs/generated/tools.ops.json](./docs/generated/tools.ops.json)\n  - [docs/generated/tools.admin.json](./docs/generated/tools.admin.json)\n  - [docs/generated/tools.all.json](./docs/generated/tools.all.json)\n- Route coverage matrix: [docs/api-coverage.md][api-coverage]\n- Machine-readable coverage export: [docs/generated/api-coverage.json](./docs/generated/api-coverage.json)\n\nGenerated JSON catalogs are useful for AI agents, static planning, and automated analysis.\n\n## Built for Safe Agent Operations\n\nMCPHub management is powerful: it can affect servers, groups, users, keys, logs, templates, and system config. This package exposes that power through profiles, confirmations, feature flags, and generated catalogs so agents can start read-only and only receive broader capabilities when explicitly configured.\n\n## For AI Agents\n\nStart with [docs/for-ai-agents.md][ai-agents].\nUse generated JSON catalogs for static planning.\nUse runtime `tools/list` as the final source of truth for exact schemas available to a selected profile.\nDo not assume `admin` or `all` tools are exposed unless the profile and feature flags allow them.\n\n## Security at a Glance\n\n| Control                          | Current behavior                                                                                                                         |\n| -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |\n| Exposure profiles                | server-side profile filtering                                                                                                            |\n| Secret redaction                 | enabled by default                                                                                                                       |\n| Destructive actions              | structured confirmations                                                                                                                 |\n| Dangerous surfaces               | feature-flagged and off by default                                                                                                       |\n| HTTP auth                        | required in HTTP mode                                                                                                                    |\n| Host and origin validation       | enforced in HTTP mode                                                                                                                    |\n| Request limits and rate limiting | enforced in HTTP mode                                                                                                                    |\n| Audit logging                    | optional and off unless configured                                                                                                       |\n| SSRF protection                  | recursive URL-field checks, HTTP/HTTPS-only validation, localhost/private-network blocking; DNS-based SSRF protection is not implemented |\n| Security reporting               | follow [SECURITY.md][security-policy]                                                                                                    |\n\nRead-only endpoints may still expose operationally sensitive information even after redaction. Review [docs/security.md][security-docs] before exposing anything beyond local trusted use.\n\n## Community\n\nThis project is useful only if it stays aligned with real MCPHub deployments and real MCP client workflows.\n\nContributions are welcome in areas such as:\n\n- adding and improving tests, especially around auth, exposure profiles, redaction, SSRF validation, HTTP transport, and package install behavior\n- responsible security research, threat-model review, and hardening PRs\n- testing against new MCPHub versions\n- improving Claude, Codex, and other client setup examples\n- expanding route coverage when upstream MCPHub adds APIs\n- improving generated tool descriptions\n- adding examples for real-world shared and remote MCPHub deployments\n- improving troubleshooting and diagnostics\n- reporting API drift or compatibility issues\n\nIf you run MCPHub in a different environment, use a different MCP client, or hit upstream API drift, your reports and examples are especially valuable.\n\n### Good First Contributions\n\n- Improve docs for a client you use.\n- Add a troubleshooting note for a setup failure you hit.\n- Improve examples with safer placeholders.\n- Report upstream MCPHub compatibility drift.\n- Improve generated tool descriptions or risk notes.\n- Add regression tests around a small tool group, redaction rule, or exposure-profile boundary.\n\n### Help Wanted\n\nThe most valuable help is:\n\n- compatibility reports for MCPHub versions not yet covered\n- real-world MCP client config examples\n- security research for SSRF, token leakage, prompt or description injection, HTTP auth edge cases, and profile-boundary bypasses\n- route coverage updates when upstream MCPHub changes\n- tests for `stdio`, Streamable HTTP, and package install behavior\n\nRecommended maintainer labels for public triage:\n\n- `good first issue`\n- `help wanted`\n- `documentation`\n- `compatibility`\n- `upstream-drift`\n- `security`\n- `client-config`\n- `tool-catalog`\n- `testing`\n\n## Support the Project\n\nIf `@garvae/mcp-mcphub` saves you time managing MCPHub, consider supporting ongoing maintenance through [GitHub Sponsors][github-sponsors] or [Ko-fi][ko-fi].\n\nSponsorship helps fund compatibility testing, documentation, security hardening, and support for new MCPHub releases.\n\nCode, docs, bug reports, compatibility reports, and security feedback are just as valuable as financial support.\n\n## Troubleshooting First Run\n\n- Run `npx @garvae/mcp-mcphub doctor`\n- Run `npx @garvae/mcp-mcphub doctor --json` for machine-readable diagnostics\n- Unauthorized usually means the wrong upstream credential, auth header, or credential scope\n- Connection failures usually mean the wrong `MCPHUB_URL` or an unreachable MCPHub instance\n- HTTP `401` usually means the wrong local inbound HTTP token\n\nSee [docs/troubleshooting.md][troubleshooting].\n\n## Documentation Map\n\n| Need                       | Document                                                                              |\n| -------------------------- | ------------------------------------------------------------------------------------- |\n| First run                  | [docs/getting-started.md][getting-started]                                            |\n| Minimal config             | [docs/minimal-config.md][minimal-config]                                              |\n| Full config                | [docs/configuration.md][configuration]                                                |\n| `stdio` mode               | [docs/stdio.md][stdio-docs]                                                           |\n| Streamable HTTP            | [docs/streamable-http.md][http-docs]                                                  |\n| Runtime mode selection     | [docs/runtime-modes.md][runtime-modes]                                                |\n| Docker and deployment      | [docs/deployment.md](./docs/deployment.md)                                            |\n| Tools overview             | [docs/tools.md][tools-docs]                                                           |\n| Generated catalogs         | [docs/generated/README.md][generated-catalogs]                                        |\n| API coverage               | [docs/api-coverage.md][api-coverage]                                                  |\n| Security                   | [docs/security.md][security-docs]                                                     |\n| Testing                    | [docs/testing.md](./docs/testing.md)                                                  |\n| Compatibility              | [docs/compatibility.md](./docs/compatibility.md)                                      |\n| Upstream relationship      | [docs/upstream-mcphub.md](./docs/upstream-mcphub.md)                                  |\n| Shared gateway integration | [docs/managed-gateway-integration.md][managed-gateway]                                |\n| AI agents                  | [docs/for-ai-agents.md][ai-agents]                                                    |\n| Troubleshooting            | [docs/troubleshooting.md][troubleshooting]                                            |\n| Roadmap direction          | [ROADMAP.md][roadmap]                                                                 |\n| Release and contribution   | [docs/release-process.md](./docs/release-process.md), [CONTRIBUTING.md][contributing] |\n\n## Support and Contribution\n\n- Questions and setup help: see [SUPPORT.md][support] and use [GitHub Discussions](https://github.com/garvae/mcp-mcphub/discussions)\n- Reproducible bugs: use the bug report issue template\n- Feature proposals: use the feature request template\n- Upstream route or compatibility drift: use the compatibility template\n- Security issues: follow [SECURITY.md][security-policy] and avoid public disclosures with sensitive details\n- Pull requests: read [CONTRIBUTING.md][contributing]\n- Contributor and agent notes: [AGENTS.md][agents-notes]\n\nDo not post tokens, cookies, client secrets, private URLs, or sensitive production logs publicly.\n\n## Installation\n\nNo-install local run:\n\n```bash\nnpx @garvae/mcp-mcphub doctor\nnpx @garvae/mcp-mcphub stdio --exposure=safe\n```\n\nOptional global install:\n\n```bash\npnpm add -g @garvae/mcp-mcphub\n```\n\n## License\n\nApache-2.0. See [LICENSE][license].\n\n\u003c!-- Link references --\u003e\n\n[mcphub]: https://github.com/samanhappy/mcphub\n[mcphub-docs]: https://docs.mcphub.app/\n[mcphub-api]: https://docs.mcphub.app/api-reference/introduction\n[mcphub-cli]: https://docs.mcphub.app/features/cli\n[mcphub-llms]: https://docs.mcphub.app/llms.txt\n[github-sponsors]: https://github.com/sponsors/garvae\n[ko-fi]: https://ko-fi.com/garvae\n[tools-docs]: ./docs/tools.md\n[generated-catalogs]: ./docs/generated/README.md\n[api-coverage]: ./docs/api-coverage.md\n[security-docs]: ./docs/security.md\n[getting-started]: ./docs/getting-started.md\n[minimal-config]: ./docs/minimal-config.md\n[configuration]: ./docs/configuration.md\n[auth-modes]: ./docs/auth-modes.md\n[stdio-docs]: ./docs/stdio.md\n[http-docs]: ./docs/streamable-http.md\n[runtime-modes]: ./docs/runtime-modes.md\n[managed-gateway]: ./docs/managed-gateway-integration.md\n[ai-agents]: ./docs/for-ai-agents.md\n[troubleshooting]: ./docs/troubleshooting.md\n[contributing]: ./CONTRIBUTING.md\n[support]: ./SUPPORT.md\n[security-policy]: ./SECURITY.md\n[agents-notes]: ./AGENTS.md\n[roadmap]: ./ROADMAP.md\n[license]: ./LICENSE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgarvae%2Fmcp-mcphub","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgarvae%2Fmcp-mcphub","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgarvae%2Fmcp-mcphub/lists"}