hyper-mcp is a high-performance, secure MCP server designed for extending applications with WebAssembly plugins. It targets developers seeking to integrate AI capabilities and custom logic into their software, offering a flexible and secure plugin architecture.

How It Works

hyper-mcp leverages WebAssembly (Wasm) for plugin execution, enabling developers to write plugins in any language that compiles to Wasm. It utilizes the Extism runtime for robust plugin management, ensuring sandboxed execution with resource limits. Plugins are distributed via OCI registries, allowing for secure, versioned deployment and verification through sigstore signing.

Quick Start & Requirements

• Install/Run: Download the binary or build from source.
• Prerequisites: None explicitly stated beyond a compatible OS.
• Configuration: Create a config.json file in the appropriate user configuration directory.
• Example Config: Load plugins from OCI registries (e.g., oci://ghcr.io/tuananh/time-plugin:latest).
• Start: Run hyper-mcp with optional --transport sse flag.
• Cursor IDE Integration: Configure via .cursor/mcp.json.
• Docs: Example Plugins

Highlighted Details

• Supports both stdio and SSE transport.
• Plugins can be written in any Wasm-compatible language.
• Secure plugin distribution via OCI registries with signature verification.
• Lightweight and suitable for resource-constrained environments.
• Fine-grained access control for host functions.

Maintenance & Community

• Actively maintained with a growing list of community plugins.
• Links to GitHub issues are provided.

Licensing & Compatibility

• Licensed under Apache 2.0.
• Permissive license suitable for commercial use and closed-source applications.

Limitations & Caveats

The README mentions loading unsigned OCI plugin images requires setting insecure_skip_signature to true, indicating a potential security consideration for development or specific deployment scenarios.