by samanhappy
A unified hub for centrally managing and dynamically orchestrating multiple MCP servers/APIs into separate endpoints with flexible routing strategies.
# Add to your Claude Code skills
git clone https://github.com/samanhappy/mcphubGuides for using mcp servers skills like mcphub.
Last scanned: 4/25/2026
{
"issues": [
{
"type": "npm-audit",
"message": "better-auth: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "hono: hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "next: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "typeorm: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
}
],
"status": "PASSED",
"scannedAt": "2026-04-25T05:49:52.951Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}mcphub is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by samanhappy. A unified hub for centrally managing and dynamically orchestrating multiple MCP servers/APIs into separate endpoints with flexible routing strategies. It has 2,222 GitHub stars.
Yes. mcphub passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/samanhappy/mcphub" and add it to your Claude Code skills directory (see the Installation section above).
mcphub is primarily written in TypeScript. It is open-source under samanhappy on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh mcphub against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
MCPHub makes it easy to manage and scale multiple MCP (Model Context Protocol) servers by organizing them into flexible Streamable HTTP (SSE) endpoints—supporting access to all servers, individual servers, or logical server groups.

Create a mcp_settings.json file:
{
"mcpServers": {
"time": {
"command": "npx",
"args": ["-y", "time-mcp"]
},
"fetch": {
"command": "uvx",
"args": ["mcp-server-fetch"]
}
}
}
📖 See Configuration Guide for full options including OAuth, environment variables, and more.
# Run with custom config (recommended)
docker run -p 3000:3000 -v ./mcp_settings.json:/app/mcp_settings.json -v ./data:/app/data samanhappy/mcphub
# Or run with default settings (also mount ./data so credentials and state survive restarts)
docker run -p 3000:3000 -v ./data:/app/data samanhappy/mcphub
Two image variants are published under samanhappy/mcphub:
latest — the default image. Includes Node.js/pnpm, Python, uv/uvx, Git, and build tools. Covers most MCP servers.latest-full — the extended image. Adds Rust toolchain (Cargo/rustc), Docker Engine, and Playwright browsers (Chrome + Firefox, amd64 only). Use this for Rust-based servers or container-in-container workflows. Larger download.See Docker Setup for build options and Docker-in-Docker configuration.
Open http://localhost:3000 and log in with username admin. On first launch, if no ADMIN_PASSWORD environment variable is set, a random password is generated and printed to the server logs. You can also pre-set the password:
# Docker: set admin password via environment variable
docker run -p 3000:3000 -e ADMIN_PASSWORD=your-secure-password samanhappy/mcphub
Tip: Change the admin password after first login for security.
Headless mode: Set
DISABLE_WEB=trueto skip serving the bundled dashboard UI and run MCPHub with only the backend/API and MCP endpoints. This is useful when you want to manage servers directly frommcp_settings.json.
Connect AI clients (Claude Desktop, Cursor, etc.) via:
http://localhost:3000/mcp # All servers
http://localhost:3000/mcp/{group} # Specific group
http://localhost:3000/mcp/{server} # Specific server
http://localhost:3000/mcp/$smart # Smart routing
http://localhost:3000/mcp/$smart/{group} # Smart routing within group
Security note: MCP endpoints require authentication by default to prevent accidental exposure. To allow unauthenticated MCP access, disable Enable Bearer Authentication in the Keys section. Skip Authentication only affects dashboard login. Use only in trusted environments.
📖 See API Reference for detailed endpoint documentation.
The same mcphub binary doubles as a CLI for the running hub — no extra install needed.
mcphub login --url http://localhost:3000 --username admin
mcphub servers list
mcphub servers add fetch --type stdio --command uvx --arg mcp-server-fetch
mcphub tools list # discover what tools are available
mcphub tools get fetch_url # see required params + sample command
mcphub call fetch_url url=https://example.com --json
mcphub keys create --name ci --access-type all
It also speaks the public marketplace API (mcphub discover, mcphub install ...) so server lookup and one-command install work against any hub with discovery enabled.
📖 See CLI Guide for every subcommand, profiles, and CI usage.
| Topic | Description |
|---|---|
| Quick Start | Get started in 5 minutes |
| Configuration | MCP server configuration options |
| Database Mode | PostgreSQL setup for production |
| OAuth | OAuth 2.0 client and server setup |
| Smart Routing | AI-powered tool discovery |
| MCP Apps | Interactive Apps transparent proxy |
| CLI Guide | Manage and call the hub from a terminal |
| Docker Setup | Docker deployment guide |
git clone https://github.com/samanhappy/mcphub.git
cd mcphub
pnpm install
pnpm dev
Local development uses admin / admin123 and stores its writable settings copy at data/mcp_settings.dev.json, so the repository mcp_settings.json stays credential-free.
For Windows users, start backend and frontend separately:
pnpm backend:dev,pnpm frontend:dev
📖 See Development Guide for detailed setup instructions.
mcp_settings.json by default; PostgreSQL via TypeORM with pgvector for Smart Routing@node-oauth/oauth2-server); optional Better Auth for GitHub/Google loginContributions welcome! See our Discord community for discussions and support.
Licensed under the Apache 2.0 License.