Skip to main content

gcontext connector — local MCP bridge: cloud structure, local secret values

Project description

mcp-minimal

A single local Python MCP server for a workspace of integrations (third-party services the AI can use: docs, dependencies, secret names) and tasks (units of work with goals, steps and progress). Both are typed folders in a virtual file tree, backed by a secret-name registry and on-the-fly Python script execution with the local .env injected. Secret VALUES never leave this machine and never enter the database.

Self-hosting? See SELF_HOSTING.md: one docker compose up, plus how to pull future updates.

Setup

cd apps/mcp-minimal
cp .env.example .env   # fill in your secret values

Get a token first by running uvx gcontext-mcp login (browser sign-in at https://app.gcontext.ai mints it).

Add to Claude Code

Published connector (hosted cloud):

claude mcp add-json gcontext '{
  "type": "stdio",
  "command": "uvx",
  "args": ["gcontext-mcp"],
  "env": { "GCONTEXT_TOKEN": "<your token>" }
}'

Pure-local (no cloud, own SQLite):

claude mcp add mcp-minimal -- uv run --directory /ABS/PATH/TO/apps/mcp-minimal python server.py

Add to Claude Desktop

The CLI commands above only work in Claude Code. For the Desktop app, edit the config file directly (Settings → Developer → Edit Config, or open it from):

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Add your server under mcpServers, then fully quit and reopen Claude Desktop.

Published connector (hosted cloud):

{
  "mcpServers": {
    "gcontext": {
      "command": "uvx",
      "args": ["gcontext-mcp"],
      "env": { "GCONTEXT_TOKEN": "<your token>" }
    }
  }
}

Pure-local (no cloud, own SQLite):

{
  "mcpServers": {
    "mcp-minimal": {
      "command": "uv",
      "args": ["run", "--directory", "/ABS/PATH/TO/apps/mcp-minimal", "python", "server.py"]
    }
  }
}

Note: Desktop has no slash-command prompts (/use-integration, etc.) — you drive the same tools by plain chat. Both modes need uv/uvx on your PATH.

Tools

  • tool_list_dir(path="/"), tool_read_file(path), tool_write_file(path, content), tool_delete(path)tool_write_file auto-creates missing parent folders
  • tool_secrets(), tool_register_secret(name, description), tool_unregister_secret(name), tool_setup_secrets(form=True)
  • tool_run_script(code) - runs uv run --env-file .env python -c "<code>"

The secret registry

The registry holds secret NAMES + descriptions only — it is for setup and verification, not runtime. It does NOT gate tool_run_script, which injects the whole .env regardless of what's registered.

  1. tool_register_secret(name, description) - declare a required secret.
  2. tool_setup_secrets(form=False) - append blank NAME= lines to .env for any registered secret not yet present, so the user just fills in the values (form=True opens a browser form).
  3. tool_secrets() - shows present per name so you can confirm setup.

How it works

  1. Write a file describing a 3rd-party operation and which secret NAMES it needs; declare those names with tool_register_secret.
  2. To act, read the file, generate Python, and call tool_run_script.
  3. Secret values resolve from the local .env at run time - never stored in the DB.

Security / trust model

tool_run_script runs arbitrary Python locally with your real .env injected — there is no sandbox. It is exactly as trusted as whatever drives the server. Run it on your own machine only; never expose this server remotely.

Script contract

  • Read secrets via os.environ["VAR"] - never hardcode, never load_dotenv.
  • Use only registered names that show present_locally: true.
  • Exit codes: 0 OK, 2 missing secret (KeyError), 1 any other failure.

Config (env vars)

  • MCP_MINIMAL_DB - SQLite path (default db.sqlite next to server.py).
  • MCP_MINIMAL_ENV_FILE - secret-values file (default .env next to server.py).

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gcontext_mcp-0.2.0.tar.gz (215.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gcontext_mcp-0.2.0-py3-none-any.whl (21.5 kB view details)

Uploaded Python 3

File details

Details for the file gcontext_mcp-0.2.0.tar.gz.

File metadata

  • Download URL: gcontext_mcp-0.2.0.tar.gz
  • Upload date:
  • Size: 215.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.8.16

File hashes

Hashes for gcontext_mcp-0.2.0.tar.gz
Algorithm Hash digest
SHA256 b680603173dc05dd0addf87b58abaff902651f58ed34d1e0684a8fb9123f9a8d
MD5 408e1dc72838fa3d85ddadb4f6dd7b8a
BLAKE2b-256 9dd814840a4e7a932630153b8ce8a20880d217d522132f1ebb877c0da5181b94

See more details on using hashes here.

File details

Details for the file gcontext_mcp-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for gcontext_mcp-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f110c542fe17ad3e4cbf5b5ee6a4b35dba2a7704b84b099ab1e8cc6771735d90
MD5 f09cd057840a2fdf6690c321b2958342
BLAKE2b-256 7deec9c091d3e0ca1df92447c619063cbff8e8f6056970eedb64cca3949c0f40

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page