New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@open-short-url/mcp

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@open-short-url/mcp

Model Context Protocol (MCP) Server for Open Short URL

latest
Source
npmnpm
Version
0.6.0
Version published
Maintainers
1
Created
Source

Open Short URL - MCP Server

English | 繁體中文

Model Context Protocol (MCP) Server for Open Short URL, enabling AI assistants to manage your short URL system.

npm version License: MIT

Prerequisites

Important: This MCP Server is a client tool for Open Short URL and requires connection to a deployed Open Short URL backend system.

This is not a standalone short URL service, but rather manages your existing short URL system through AI applications that support the MCP protocol.

Requirements

1. Open Short URL Backend System (Required)

You need to deploy the Open Short URL backend first:

  • Deploy from the Open Short URL main project
  • Backend must be running and accessible via network
  • Note your backend URL (e.g., https://your-backend.com)

Don't have a backend system? Visit the main project repository first.

2. API Key

Obtain an API Key from your backend system:

  • Log in to the backend admin interface
  • Navigate to "Settings" → "API Keys"
  • Click "Create New API Key"
  • Copy the generated API Key (format: ak_xxxxxxxxxxxxxx)

Quick Connection Test

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://your-backend.com/api/urls

Features

78 MCP Tools across 11 modules:

ModuleToolsDescription
URL Management10Create, list, update, delete, QR code, bulk operations
Bundle Management12Group URLs, reorder, archive/restore, statistics
Analytics10Click analysis, trends, bot detection, data export
A/B Testing5Create variants, traffic distribution, performance comparison
Smart Routing8Conditional routing rules, templates, geo/device targeting
Webhooks8Event notifications, delivery logs, webhook testing
User Management11Create/manage users, roles, 2FA, OIDC accounts
API Keys4Create, list, view, revoke API keys
OIDC/SSO5Manage OIDC/SSO identity providers
System Settings4View and manage system configuration
Audit Logs1Query system audit trail

Security

  • Sensitive data sanitization — API keys, tokens, passwords are automatically redacted in all responses
  • Destructive tool marking — Delete/reset operations are prefixed with [DESTRUCTIVE] and include confirmation hints for the AI assistant
  • Error message cleaning — Credentials are stripped from error outputs

Quick Start

Transport Modes

The MCP server supports two transport modes:

ModeUse CaseProtocol
stdio (default)CLI and IDE integrations (Claude Desktop, VS Code, etc.)Standard I/O
httpRemote access, containerized deployments, multi-clientStreamable HTTP

Option 1: npm (stdio)

Global Install (Recommended)

npm install -g @open-short-url/mcp

Using npx

npx @open-short-url/mcp

MCP Client Configuration

{
  "mcpServers": {
    "open-short-url": {
      "command": "open-short-url-mcp",
      "env": {
        "API_URL": "https://your-backend.com",
        "API_KEY": "ak_your_api_key_here"
      }
    }
  }
}

Option 2: Docker (HTTP)

docker run -p 3200:3200 \
  -e API_URL=http://your-backend:4101 \
  -e API_KEY=ak_your_api_key_here \
  ghcr.io/supra126/open-short-url-mcp:latest

The server will be available at http://localhost:3200/mcp.

Health Check

curl http://localhost:3200/health

Option 3: Docker Compose

Add the mcp profile to your existing Open Short URL deployment:

docker compose --profile mcp up -d

Set MCP_API_KEY in your .env.docker file. See the main project's docker-compose.yml for full configuration.

Option 4: Build from Source

git clone https://github.com/supra126/open-short-url.git
cd open-short-url/packages/mcp
pnpm install && pnpm build

# stdio mode
API_URL=https://your-backend.com API_KEY=ak_xxx node dist/index.js

# HTTP mode
MCP_TRANSPORT=http API_URL=https://your-backend.com API_KEY=ak_xxx node dist/index.js

Environment Variables

VariableRequiredDefaultDescription
API_URLYesOpen Short URL backend API URL
API_KEYYesAPI key for authentication
MCP_TRANSPORTNostdioTransport mode: stdio or http
MCP_PORTNo3200HTTP server port (http mode only)
MCP_HOSTNo0.0.0.0HTTP bind address (http mode only)

Available Tools (78)

URL Management (10)

ToolDescription
create_short_urlCreate short URL with custom slug, password, expiration, UTM
list_short_urlsList all short URLs with pagination, search, filtering
get_short_urlGet short URL details
update_short_urlUpdate short URL settings
delete_short_urlDelete short URL [DESTRUCTIVE]
get_url_statsGet URL dashboard statistics
generate_qrcodeGenerate QR code for a short URL
bulk_create_urlsBulk create short URLs (max 100)
bulk_update_urlsBulk update short URLs
bulk_delete_urlsBulk delete short URLs [DESTRUCTIVE]

Bundle Management (12)

ToolDescription
create_bundleCreate new bundle
list_bundlesList all bundles
get_bundleGet bundle details
update_bundleUpdate bundle information
delete_bundleDelete bundle [DESTRUCTIVE]
add_url_to_bundleAdd single URL to bundle
add_multiple_urls_to_bundleBatch add URLs to bundle
remove_url_from_bundleRemove URL from bundle
update_url_order_in_bundleReorder URLs in bundle
get_bundle_statsGet bundle statistics
archive_bundleArchive bundle
restore_bundleRestore archived bundle

Analytics (10)

ToolDescription
get_url_analyticsURL click analytics (geo, device, browser)
get_overview_analyticsOverview analytics dashboard
get_top_performing_urlsTop performing URLs by clicks
get_recent_clicksRecent click records
get_bot_analyticsBot analysis for single URL
get_user_bot_analyticsGlobal bot analysis
get_ab_test_analyticsA/B test analytics
get_routing_analyticsSmart routing statistics
export_url_analyticsExport single URL analytics (CSV/JSON)
export_all_analyticsExport all analytics data (CSV/JSON)

A/B Testing (5)

ToolDescription
create_variantCreate test variant
list_variantsList all variants
get_variantGet variant details
update_variantUpdate variant settings
delete_variantDelete variant [DESTRUCTIVE]

Smart Routing (8)

ToolDescription
create_routing_ruleCreate conditional routing rule
create_routing_rule_from_templateCreate rule from template (geo, device, etc.)
list_routing_rulesList routing rules for a URL
get_routing_ruleGet routing rule details
update_routing_ruleUpdate routing rule
delete_routing_ruleDelete routing rule [DESTRUCTIVE]
update_smart_routing_settingsUpdate routing settings for a URL
list_routing_templatesList available routing templates

Webhooks (8)

ToolDescription
create_webhookCreate webhook endpoint
list_webhooksList all webhooks
get_webhookGet webhook details
update_webhookUpdate webhook settings
delete_webhookDelete webhook [DESTRUCTIVE]
get_webhook_logsView webhook delivery logs
test_webhookSend test webhook event
retry_webhook_deliveryRetry a failed webhook delivery

User Management (11)

ToolDescription
create_userCreate new user
list_usersList all users
get_userGet user details
update_user_roleUpdate user role
update_user_statusActivate/deactivate user
update_user_nameUpdate user display name
delete_userDelete user [DESTRUCTIVE]
reset_user_passwordReset user password [DESTRUCTIVE]
disable_user_2faDisable user 2FA [DESTRUCTIVE]
get_user_oidc_accountsList user's linked OIDC accounts
unlink_user_oidc_accountUnlink OIDC account [DESTRUCTIVE]

API Keys (4)

ToolDescription
create_api_keyCreate new API key (shown once, then redacted)
list_api_keysList all API keys
get_api_keyGet API key details
delete_api_keyRevoke API key [DESTRUCTIVE]

OIDC/SSO Providers (5)

ToolDescription
list_oidc_providersList OIDC providers
create_oidc_providerCreate OIDC provider
get_oidc_providerGet OIDC provider details
update_oidc_providerUpdate OIDC provider
delete_oidc_providerDelete OIDC provider [DESTRUCTIVE]

System Settings (4)

ToolDescription
get_system_settingsGet all system settings
get_system_settingGet a single setting by key
update_system_settingUpdate a system setting
delete_system_settingDelete a system setting [DESTRUCTIVE]

Audit Logs (1)

ToolDescription
get_audit_logsQuery audit logs with filtering

Troubleshooting

MCP Server Won't Start

  • Verify API_URL and API_KEY are set
  • Test API connection: 
    curl -H "Authorization: Bearer YOUR_API_KEY" https://your-backend.com/api/urls

Tool Invocation Fails

  • Check API Key is valid and not expired
  • Check backend service is running
  • Check network connectivity
  • Check API Key has sufficient permissions

Docker Container Issues

  • Ensure API_URL uses the Docker network hostname (e.g., http://backend:4101) not localhost
  • Check container logs: docker logs <container-id>
  • Verify health endpoint: curl http://localhost:3200/health

Security Recommendations

  • Do not share or commit API Keys to Git
  • Rotate API Keys regularly
  • Use separate API Keys for different environments
  • Create dedicated API Keys with minimal permissions for MCP Server
  • The MCP server automatically redacts sensitive data (keys, tokens, passwords) in all responses

Related Resources

License

MIT License - see the LICENSE file for details.

Keywords

open-short-url
short-url
url-shortener
mcp
model-context-protocol
vercel-ai

FAQs

Package last updated on 26 Mar 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026