Skip to main content

gcontext connector — local MCP bridge: cloud structure, local secret values

Project description

mcp-minimal

A single local Python MCP server: a files/folders tree + a secret-name registry in SQLite, plus on-the-fly Python script execution with the local .env injected. Secret VALUES never leave this machine and never enter the database.

Setup

cd apps/mcp-minimal
cp .env.example .env   # fill in your secret values

Add to Claude Code

Published connector (talks to the hosted cloud at https://api.gcontext.ai):

claude mcp add-json gcontext '{"type":"stdio","command":"uvx","args":["gcontext-mcp"],"env":{"GCONTEXT_TOKEN":"<your token>"}}'

Get a token with curl -X POST https://api.gcontext.ai/signup -d '{"email":"...","password":"..."}'. Pure-local (no cloud, own SQLite):

claude mcp add mcp-minimal -- uv run --directory /ABS/PATH/TO/apps/mcp-minimal python server.py

Tools

  • tool_list_dir(path="/"), tool_read_file(path), tool_write_file(path, content), tool_create_folder(path), tool_delete(path)
  • tool_list_secrets(), tool_register_secret(name, description), tool_unregister_secret(name), tool_scaffold_env()
  • tool_run_script(code) - runs uv run --env-file .env python -c "<code>"

The secret registry

The registry holds secret NAMES + descriptions only — it is for setup and verification, not runtime. It does NOT gate tool_run_script, which injects the whole .env regardless of what's registered.

  1. tool_register_secret(name, description) - declare a required secret.
  2. tool_scaffold_env() - append blank NAME= lines to .env for any registered secret not yet present, so the user just fills in the values.
  3. tool_list_secrets() - shows present_locally per name so you can confirm setup.

How it works

  1. Write a file describing a 3rd-party operation and which secret NAMES it needs; declare those names with tool_register_secret.
  2. To act, read the file, generate Python, and call tool_run_script.
  3. Secret values resolve from the local .env at run time - never stored in the DB.

Security / trust model

tool_run_script runs arbitrary Python locally with your real .env injected — there is no sandbox. It is exactly as trusted as whatever drives the server. Run it on your own machine only; never expose this server remotely.

Script contract

  • Read secrets via os.environ["VAR"] - never hardcode, never load_dotenv.
  • Use only registered names that show present_locally: true.
  • Exit codes: 0 OK, 2 missing secret (KeyError), 1 any other failure.

Config (env vars)

  • MCP_MINIMAL_DB - SQLite path (default db.sqlite next to server.py).
  • MCP_MINIMAL_ENV_FILE - secret-values file (default .env next to server.py).

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gcontext_mcp-0.1.2.tar.gz (97.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gcontext_mcp-0.1.2-py3-none-any.whl (10.2 kB view details)

Uploaded Python 3

File details

Details for the file gcontext_mcp-0.1.2.tar.gz.

File metadata

  • Download URL: gcontext_mcp-0.1.2.tar.gz
  • Upload date:
  • Size: 97.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.8.16

File hashes

Hashes for gcontext_mcp-0.1.2.tar.gz
Algorithm Hash digest
SHA256 e88ca3d16bfcaafb6f569e5dc007d02d45ef943ab42d7b20074f51e8812bc0f2
MD5 93938c0adcd9c39aeadddbe8484f3ec2
BLAKE2b-256 677cbfa097184b6a4561bcd478a5fb2930cd9c1d7aeed51542302861af6ac6db

See more details on using hashes here.

File details

Details for the file gcontext_mcp-0.1.2-py3-none-any.whl.

File metadata

File hashes

Hashes for gcontext_mcp-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 23c6993e203483d9ce1073bd7e25d360a94d54032fb96e1ddd4eb189fcfa64d9
MD5 42878495ceb73e83513e1cba08b2b491
BLAKE2b-256 7722abdd116ccc2a307e625b6c1a1f1aaa96bcfcd4c9badb7b110f144e1c2478

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page