open-webui/mcpo

MCPcommunity
open-webuiMITUpdated 1mo agoGitHub

A simple, secure MCP-to-OpenAPI proxy server

Expose any MCP tool as an OpenAPI-compatible HTTP server—instantly. mcpo is a dead-simple proxy that takes an MCP server command and makes it accessible via standard RESTful OpenAPI, so your tools "just work" with LLM agents and apps expecting OpenAPI servers. No custom protocol. No glue code. No hassle. MCP servers usually speak over raw stdio, which is: 🔓 Inherently insecure ❌ Incompatible…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
4kGitHub stars
465Forks
1mo agoLast update
Package
Authoropen-webui
LicenseMIT
Sourcegithub
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scan✓ CleanvHEAD · 19d ago
EvalsNone
IndexedMay 24, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

Expose any MCP tool as an OpenAPI-compatible HTTP server—instantly. mcpo is a dead-simple proxy that takes an MCP server command and makes it accessible via standard RESTful OpenAPI, so your tools "just work" with LLM agents and apps expecting OpenAPI servers. No custom protocol. No glue code. No hassle. MCP servers usually speak over raw stdio, which is: 🔓 Inherently insecure ❌ Incompatible with most tools 🧩 Missing standard features like docs, auth, error handling, etc. mcpo solves all of…

Keywords
mcpmcp-servermcp-to-openapiopen-webuiopenapi