Labsco
cyanheads logo

Toolkit MCP Server

β˜… 18

from cyanheads

Provides system utilities and tools like IP geolocation, network diagnostics, system monitoring, crypto operations, and QR code generation.

πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedAccount requiredAdvanced setup
<div align="center"> <h1>@cyanheads/toolkit-mcp-server</h1> <p><b>Generate random IDs, QR codes, and hashes, encode and decode values, and geolocate IPs, plus gated network and system diagnostics, via MCP. STDIO or Streamable HTTP.</b> <div>7 Tools</div> </p> </div> <div align="center">

Version License Docker MCP SDK npm TypeScript Bun

</div> <div align="center">

Install in Claude Desktop Install in Cursor Install in VS Code

Framework

</div>

Tools

Seven tools. Five are always on and need no configuration β€” pure-compute utilities plus an SSRF-free IP lookup. Two probe the server host and stay absent from tools/list until you opt in, fail-closed.

ToolDescription
toolkit_hash_valueGenerate a cryptographic digest (sha256/sha512/sha1/md5), or constant-time-compare a value against an expected digest.
toolkit_generate_idMint cryptographically-random identifiers β€” UUIDv4, UUIDv7, or ULID β€” singly or in batches up to 1000.
toolkit_generate_qrEncode text or a URL into a QR code as SVG markup, base64 PNG, or a terminal-renderable string.
toolkit_encode_valueEncode or decode a value across base64, base64url, hex, or URL percent-encoding, in either direction.
toolkit_geolocate_ipResolve a public IP or hostname to geographic and network metadata β€” country, city, coordinates, ASN, timezone.
toolkit_check_networkGated, off by default. Read-only network diagnostics from the server host β€” ping, traceroute, TCP connectivity, or egress-IP detection.
toolkit_check_systemGated, off by default. Report a facet of the server host's system state β€” OS, CPU, memory, load average, or network interfaces.

toolkit_hash_value

Generate a digest, or constant-time-verify a value against an expected one.

  • operation: generate (lowercase-hex digest) or compare (timing-safe check via timingSafeEqual)
  • Algorithms: sha256 (default) and sha512 for security; sha1 and md5 are exposed for checksum and file-integrity compatibility only β€” never for passwords or signatures
  • inputEncoding reads value as utf8 (default), hex, or base64, so binary blobs skip a decode round-trip
  • Canonical use: match a download against a vendor-published checksum

toolkit_generate_id

Mint cryptographically-random identifiers from the platform CSPRNG β€” the correct source for IDs that must be unpredictable, unlike model-invented values.

  • type: uuid_v4 (random, default), uuid_v7 (time-ordered, sortable by creation), or ulid (26-char Crockford base32, lexicographically sortable)
  • count mints a batch up to 1000 in one call; the returned ids array always holds exactly count values
  • uuid_v7 and ulid batches are monotonic β€” strictly increasing even within the same millisecond β€” so ids stays in sorted creation order
  • Not read-only β€” each call is fresh entropy, so a client won't cache it or auto-approve it as side-effect-free

toolkit_generate_qr

Encode text or a URL into a QR code.

  • format: svg (inline markup), png_base64 (raster bytes with mimeType and byteLength), or terminal (Unicode block string)
  • errorCorrection (L/M/Q/H) trades data capacity for damage tolerance; margin sets the quiet-zone width; scale sets pixels per module for raster output
  • The returned version (1–40) reflects how dense the encoded data is
  • data is capped at 2953 bytes β€” the absolute ceiling (version 40, level L, byte mode); usable capacity is lower at higher errorCorrection levels, so over-capacity input is rejected with a typed data_too_large error rather than a generic failure

toolkit_encode_value

Encode or decode a value, in either direction.

  • encoding: base64, base64url (URL-safe alphabet), hex, or url (percent-encoding)
  • operation: encode (raw UTF-8 β†’ encoding) or decode (encoded value β†’ text)
  • Malformed decode input returns a typed decode_failed error with a recovery hint, not a silent best-effort

toolkit_geolocate_ip

Resolve a public IP or hostname to geographic and network metadata.

  • Returns country, region, city, latitude/longitude, ASN, owning organization, and timezone
  • A hostname is DNS-resolved first; resolvedIp echoes the IP actually located, and source names the answering provider
  • SSRF-free β€” the server calls the provider, never the target; the resolved IP is re-checked against private ranges, and private/reserved addresses are rejected (they have no public geolocation)
  • Best-effort and provider-bounded: VPNs, proxies, mobile NAT, and anycast all defeat IP-to-location, accuracy is city-level at best, and absent fields are reported as unknown rather than invented
  • Keyless by default (ip-api free tier); results are cached in memory by resolved IP

toolkit_check_network

Gated β€” registered only when TOOLKIT_ENABLE_NET_DIAGNOSTICS=true. Read-only network diagnostics from the server host.

  • mode: ping (ICMP round-trip), traceroute (hop path to the target), connectivity (raw TCP connect to target on port), or public_ip (the host's own egress IP)
  • A host that does not respond is reported as reachable: false β€” a valid result, not an error
  • Diagnoses the server's own network, so it is useful on a local or self-hosted deployment; reaching a private/reserved/internal target additionally requires TOOLKIT_ALLOW_PRIVATE_NETWORK=true, which keeps the cloud-metadata endpoint blocked by default

toolkit_check_system

Gated β€” registered only when TOOLKIT_ENABLE_SYSTEM_INFO=true. Report a facet of the server host's system state, read-only.

  • what: os, cpu, memory, load, or interfaces
  • Exactly one facet object is populated per call, matching what
  • Describes the host this server runs on, not the calling client β€” meaningful on a local or self-hosted deployment; gated off by default because os and interfaces disclose host topology and version details

Features

Built on @cyanheads/mcp-ts-core:

  • Declarative tool definitions β€” single file per tool, framework handles registration and validation
  • Unified error handling β€” handlers throw, framework catches, classifies, and formats
  • Typed error contracts β€” each fallible tool declares its failure reasons with recovery hints the agent can act on
  • Pluggable auth: none, jwt, oauth
  • Structured logging with optional OpenTelemetry tracing
  • STDIO and Streamable HTTP transports

Toolkit-specific:

  • Fail-closed gating β€” the two host-probing tools are absent from tools/list unless explicitly enabled, so a hosted instance exposes no SSRF or info-disclosure surface
  • Two-tier network gate β€” even with diagnostics enabled, private/reserved/loopback/link-local targets (including the cloud-metadata endpoint) stay blocked until a second flag permits them
  • CSPRNG-backed primitives β€” identifiers and digests come from the platform crypto source, and hash comparison is constant-time via timingSafeEqual
  • SSRF-free geolocation β€” the server calls the provider, then re-checks the DNS-resolved IP against private ranges before the lookup, so a hostname cannot smuggle a request to an internal address

Agent-friendly output:

  • Provenance β€” geolocation echoes the resolved IP and names the answering provider; absent upstream fields are reported as unknown, never invented
  • Down-but-valid results β€” an unreachable host returns reachable: false instead of an error, so callers branch on data, not exception text
  • Typed failure reasons β€” decode failures, missing digests, and blocked private targets each carry a structured reason plus a next-step recovery hint

Project structure

DirectoryPurpose
src/index.tscreateApp() entry point β€” registers tools and inits services, with fail-closed gating for the two host-probing tools.
src/configServer-specific environment variable parsing and validation with Zod.
src/mcp-server/toolsTool definitions (*.tool.ts). Seven tools β€” five always-on, two gated.
src/services/geoGeolocation service β€” DNS resolution, provider call with retry/backoff, normalization, in-memory cache.
src/services/networkNetwork-diagnostic service plus the shared target validator and private-range classifier.
tests/Unit and integration tests mirroring the src/ structure.

Development guide

See CLAUDE.md / AGENTS.md for development guidelines and architectural rules. The short version:

  • Handlers throw, framework catches β€” no try/catch in tool logic
  • Use ctx.log for request-scoped logging, ctx.state for tenant-scoped storage
  • Register new tools in the createApp() arrays in src/index.ts
  • The two host-probing tools register behind their enable-flags; the network target gate validates after DNS resolution β€” never fabricate a result for an unlocatable or unreachable target

Contributing

Issues and pull requests are welcome. Run checks and tests before submitting:

bun run devcheck
bun run test

License

Apache-2.0 β€” see LICENSE for details.