AWS MCP Servers
MCPSuite of specialized MCP servers for AWS services — S3, DynamoDB, Lambda, CloudWatch, and more.
Dimension scores
Compatibility
| Framework | Status | Notes |
|---|---|---|
| Claude Code | ✗ | This is NOT an MCP server - it's a monorepo containing multiple MCP servers, No single server.py or main entry point, No unified pyproject.toml - each server has its own configuration, Repository structure shows docusaurus/, scripts/, testing/ and src/ with multiple independent servers, Cannot be installed or run as a single MCP server, Each subdirectory in src/ appears to be a separate MCP server project |
| OpenAI Agents SDK | ✗ | Same fundamental issue - not a single MCP server, Monorepo structure incompatible with OpenAI SDK expectations, No unified server implementation to connect to, Would need to pick and install individual servers from src/ |
| LangChain | ✗ | Cannot wrap as LangChain tools - no single server to wrap, Monorepo structure requires selecting specific server, Each server in src/ would need separate LangChain integration, No unified tool interface across servers |
Security findings
Command injection risk in StdioMcpClient
testing/mcp_test_client.py:33 - StdioServerParameters constructed with user-controlled command and args passed directly to subprocess without validation. The command, args, and env parameters are passed unsanitized to stdio_client which spawns processes.
Path traversal vulnerability in server path handling
testing/pytest_utils.py:79 - MCPTestBase accepts server_path parameter that is directly used in args without sanitization for '../' patterns. This path is then passed to subprocess execution.
Arbitrary file read through resource URI
testing/mcp_test_client.py:116 - read_resource method accepts arbitrary URI strings without validation, potentially allowing access to file:// URIs or path traversal in file paths.
Insufficient input validation on tool arguments
Environment variable injection risk
Verbose error messages in exception handling
Missing length limits on string inputs
Reliability
Success rate
45%
Calls made
100
Avg latency
2500ms
P95 latency
5000ms
Failure modes
- • Missing error handling in stdio transport initialization - async context managers can fail without proper cleanup
- • No timeout protection on AWS API calls - long-running operations could hang indefinitely
- • Insufficient validation of AWS credentials/configuration before making API calls
- • Empty/null parameter handling appears minimal - many tools lack input validation
- • No graceful degradation when AWS services are unavailable or rate-limited
- • Concurrent request handling unclear - potential race conditions in client session management
- • Resource exhaustion possible with large result sets from AWS APIs (no pagination limits)
- • Session cleanup in disconnect() swallows all exceptions, hiding real failure causes
- • No circuit breaker pattern for repeated AWS API failures
- • Unicode and special character handling in AWS resource names not validated
Code health
License
Apache-2.0
Has tests
Yes
Has CI
No
Dependencies
unknown
This is a monorepo for AWS MCP Servers. Strong indicators: comprehensive test suite with pytest, hypothesis, and proper mocking; TypeScript configuration with types; Apache-2.0 license; professional AWS authorship with proper copyright headers; Docusaurus documentation setup. Weaknesses: no visible README in root, no CI/CD configuration files (.github/workflows), no lockfile present, cannot assess commit activity or dependency health without access to .git and package manifests (pyproject.toml files not shown). The code quality appears high with good testing practices and type safety, but maintenance metrics and dependency analysis cannot be completed from the provided snapshot.