Skip to main content

An MCP server that exposes Python functions and shell commands as a permission-controlled tool catalog.

Project description

MCC — Model Context Catalog

An MCP server that exposes Python functions and shell commands as a permission-controlled tool catalog. Claude and other LLM clients discover and call tools through a unified search / execute interface, with RBAC and pluggable authentication built in.


Features

  • Serve multiple tools from one MCP by exposing Python functions or shell/exec commands
  • Published catalog of tools for easy discoverability and llm execution
  • Built in RBAC with user management and tool groups
  • Multiple auth backends (dev unauthed, Github OAuth2, PAT)
  • Optional contrib toolsets (utils and OSINT) loaded via MCC_SETTINGS_FILES
  • CLI management of users and tools
  • Async tool support

How it works

Tools are defined in YAML files pointing at Python callables. MCC loads them, enforces per-user permissions, and serves them to any LLM via MCP.

Claude → search("deploy") → ["myteam.deploy - Deploys the app  execute(environment: str = 'dev')"]
Claude → execute("myteam.deploy", {"environment": "prod"})  →  result

Quickstart

uv add model-context-catalog

1. Configure auth (settings.local.yaml):

auth: dev-admin   # dev mode: no auth

2. Add an admin user:

mcc user add -u alice -e alice@example.com -g admin

3. Run the server:

python -m mcc.app

4. Point your MCP client at the HTTP endpoint.


Defining Tools

Create a YAML file anywhere:

group: myteam
tools:
  - fn: mypackage.mymodule:my_function     # required: dotted import path
    name: my-tool                          # optional: defaults to __name__
    description: "Does something useful"   # optional: defaults to __doc__
    params:                                # optional: introspected from signature
      - name: message
        type: str          # str | int | float | bool | list | dict
        required: true
      - name: flag
        type: bool
        override: true     # always injected at call time, hidden from callers

Exec Tools (External Commands)

Run any command — Node, Go, shell scripts — as a catalog tool:

tools:
  # Interpolation mode (default): params formatted into command string
  - name: grep
    exec: "grep -rn {pattern} {path}"
    params:
      - name: pattern
        type: str
        required: true
      - name: path
        type: str
        default: "."

  # Stdin mode: params sent as JSON on stdin
  - name: lint
    exec: "node tools/lint.js"
    stdin: true
    timeout: 30
    params:
      - name: file
        type: str
        required: true

  # With resource limits (unix only)
  - name: sandbox
    exec: "python3 untrusted.py"
    stdin: true
    timeout: 10
    limits:
      mem_mb: 256
      cpu_sec: 5
      fsize_mb: 50
      nofile: 128

Exec tools always return (returncode, stdout, stderr). Params must be declared in YAML (no signature to introspect).

⚠ Security: With stdin: false (the default), parameters are interpolated directly into the shell command. Do not expose exec tools with user-controlled params to untrusted callers without additional input validation.

Register it in settings.local.yaml:

tools:
  - path/to/mytools.yaml

To load optional contrib toolsets, use MCC_SETTINGS_FILES:

# utils — HTTP, filesystem, shell, text, time, archives
MCC_SETTINGS_FILES=toolsets/contrib/settings.yaml

# OSINT — threat intel, corporate records, geolocation, and more
MCC_SETTINGS_FILES=toolsets/osint/settings.yaml

# both
MCC_SETTINGS_FILES=toolsets/contrib/settings.yaml;toolsets/osint/settings.yaml

Authentication

Switch backends via auth in settings:

Backend When to use
dangerous Local dev — no auth, auto-selects first admin user
github_pat Simple deployments — use a GitHub PAT for identity
github_oauth Production — full OAuth2 flow via GitHub

GitHub PAT config:

default:
  auth: "github_pat"

  github_pat:
    token: "ghp_..."

GitHub OAuth config:

default:
  auth: "github_oauth"

  github_oauth:
    client_id: "..."
    client_secret: "..."
    base_url: "https://your-server.example.com"

User & Permission Management

mcc user add -u alice -e alice@example.com -g myteam
mcc user add -u bob -g admin
mcc user list
mcc user grant alice -g ops -t custom.tool
mcc user revoke alice -t custom.tool
mcc user remove alice

Permission hierarchy (first match wins):

  1. Tool is in the public group → anyone can access
  2. User is in the admin group → can access everything
  3. User's groups include the tool's group → allowed
  4. Tool key is in the user's explicit tool grants → allowed

Documentation

  • Getting Started — installation, quickstart, configuration
  • Tools — YAML format, Python tools, exec tools, parameters, resource limits
  • Auth & Permissions — backends, users, groups
  • Contrib Toolsets — utils (HTTP, filesystem, shell, text, time, archives) and OSINT (threat intel, corporate records, geolocation, and more)

See openspec/project.md for a full architectural breakdown. Inspiration How to build an enterprise-grade MCP registry

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

model_context_catalog-0.2.0.tar.gz (45.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

model_context_catalog-0.2.0-py3-none-any.whl (38.7 kB view details)

Uploaded Python 3

File details

Details for the file model_context_catalog-0.2.0.tar.gz.

File metadata

  • Download URL: model_context_catalog-0.2.0.tar.gz
  • Upload date:
  • Size: 45.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for model_context_catalog-0.2.0.tar.gz
Algorithm Hash digest
SHA256 a62081a2f3d6db2ce5c86ca25dd3bb840fa99baa68e55f9f3abc3534b4a43417
MD5 036f0b26ffa3b4053486063ebcf08a8c
BLAKE2b-256 dcd28998ee2aed3ea905f7c00304b6585a9f07d2f9f00ceeb5c601e3aed11208

See more details on using hashes here.

Provenance

The following attestation bundles were made for model_context_catalog-0.2.0.tar.gz:

Publisher: publish.yaml on C-Research/model-context-catalog

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file model_context_catalog-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for model_context_catalog-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 cbc287f2d79ae97a3558ba549f3e75ff5563664c113511113e4579d250981fef
MD5 8b989f5a232f3f3e947920f5990c66d4
BLAKE2b-256 3aacbf1b4fe954adaf547aa5db7bdae1226bbfebf2a2416dc369ddf93450fd83

See more details on using hashes here.

Provenance

The following attestation bundles were made for model_context_catalog-0.2.0-py3-none-any.whl:

Publisher: publish.yaml on C-Research/model-context-catalog

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page