Description

HTTP bridge that keeps MCP servers alive and exposes them via REST. Built for OpenClaw agents that need MCP tools without native MCP support.

README (SKILL.md)

Cherry MCP 🍒

Name: Cherry Mcp
Author: bitbrujo

Origin Story

Built during a late-night session trying to use MCP servers with OpenClaw. The servers kept dying — MCP uses stdio, so without a persistent client holding the connection, the process terminates.

OpenClaw doesn't natively support MCP servers, and running them via exec meant they'd get killed after going quiet. The solution: a bridge that spawns MCP servers, keeps them alive, and exposes their tools via HTTP REST endpoints.

Named after my emoji. 🍒

— EULOxGOS, Feb 2026

Why

MCP servers use stdio — they die without a persistent client. Cherry MCP:

Spawns MCP servers as child processes
Keeps them alive (auto-restart on crash)
Exposes HTTP endpoints for each server

Quick Start

# Add a server
node cli.js add-server github npx @anthropic/mcp-github

# Set env vars for the server
node cli.js set-env github GITHUB_TOKEN ghp_xxx

# Start
pm2 start bridge.js --name cherry-mcp

CLI

# Servers
node cli.js add-server \x3Cname> \x3Ccommand> [args...]
node cli.js remove-server \x3Cname>
node cli.js list-servers

# Environment variables
node cli.js set-env \x3Cserver> \x3CKEY> \x3Cvalue>
node cli.js remove-env \x3Cserver> \x3CKEY>

# Security
node cli.js set-rate-limit \x3Crpm>      # requests per minute
node cli.js set-allowed-ips \x3Cip>...   # IP allowlist
node cli.js enable-audit-log          # log requests

# Other
node cli.js show-config
node cli.js restart

HTTP API

# List servers
curl http://localhost:3456/

# List tools
curl http://localhost:3456/\x3Cserver>/tools

# Call a tool
curl -X POST http://localhost:3456/\x3Cserver>/call \
  -H "Content-Type: application/json" \
  -d '{"tool": "search", "arguments": {"query": "test"}}'

# Restart server
curl -X POST http://localhost:3456/\x3Cserver>/restart

Security

Binds to 127.0.0.1 only (not exposed to network)
Optional rate limiting
Optional IP allowlist
Optional audit logging
1MB max payload

⚠️ Important Notes

Commands are user-configured only. The bridge executes commands specified in config.json — it does not accept arbitrary commands via HTTP. You control what runs.

Don't commit secrets. If you store API keys via set-env, they're saved in plain text in config.json. Add it to .gitignore or use environment variables instead:

# Alternative: set env vars before starting
export GITHUB_TOKEN=ghp_xxx
pm2 start bridge.js --name cherry-mcp

Then reference in config without the value:

{
  "servers": {
    "github": {
      "command": "npx",
      "args": ["@anthropic/mcp-github"],
      "env": {}
    }
  }
}

The server inherits your shell environment.

Running

# pm2 (recommended)
pm2 start bridge.js --name cherry-mcp
pm2 save

# Auto-start on boot
pm2 startup

Usage Guidance

This package implements exactly what it claims, but pay attention to these security implications before installing: - Secrets handling: The CLI can save server-specific environment variables into config.json in plaintext. Do not store long-lived API keys there; instead export them in the shell before starting the bridge, add config.json to .gitignore, or use an alternative secret store. - Arbitrary commands: The bridge will spawn whatever command you add to config.json. Only add commands you trust. A misconfigured server entry could run anything on your machine. - Localhost exposure & CORS: Although the server binds to 127.0.0.1, it sets Access-Control-Allow-Origin: '*'. That makes it possible for a malicious website open in your browser to issue requests to the bridge and read responses (same-origin protections defeated by the wildcard CORS). If you run this on a desktop, either remove or restrict the CORS header, enable the IP allowlist, or set strong rate limits and audit logging. - Audit & controls: Enable audit logging and an IP allowlist if you plan to expose tools that act on sensitive accounts. Configure rate limits to reduce impact of automated requests. - Least privilege & isolation: Run the bridge with minimal OS privileges (non-root user) and consider containerizing it. Review every server entry before starting and avoid running untrusted MCP packages under your main account. If you want me to mark specific lines to change (e.g., remove wildcard CORS, harden default config, or prompt before writing env values to config.json), I can produce a patch or recommended code edits. If you need higher assurance, ask the author for provenance or run the bridge in an isolated environment first.

Capability Analysis

Type: OpenClaw Skill Name: cherry-mcp Version: 1.0.3 The skill allows the user to configure and execute arbitrary commands as child processes via `cli.js` and `bridge.js`, which is a high-risk capability, even though it's central to its stated purpose of running MCP servers. Additionally, the `cli.js` command `set-env` stores environment variables, potentially containing secrets, in plaintext within `config.json`. While the `SKILL.md` explicitly warns about these risks and the `bridge.js` defaults to binding on localhost, these capabilities introduce significant security concerns if the configuration is compromised or misused.

Capability Assessment

✓ Purpose & Capability

Name/description match the code: bridge spawns MCP servers as child processes, keeps them alive, exposes tools over HTTP, and provides a CLI to manage config. Required files and behavior are consistent with implementing an MCP-to-HTTP bridge.

ℹ Instruction Scope

SKILL.md and CLI limit which commands are run to those in config.json (no HTTP endpoint to run arbitrary shell commands). However the service inherits the process environment for spawned servers and the project stores server env vars in plaintext config.json by default (the README warns about this). Also the server sets Access-Control-Allow-Origin: '*' which makes a localhost-only service easier to be accessed via a remote webpage (CSRF/CORS risk).

✓ Install Mechanism

No external install/downloads or odd install steps are included in the package; files are local JS scripts and package.json. No network fetches or archive extractions are performed by an installer.

⚠ Credentials

The skill declares no required credentials (correct). But it allows you to store arbitrary env vars per server in config.json (saved plaintext). That's expected for running third-party MCP tools, but it increases the risk of accidental secret leakage or exfiltration if the local HTTP API is abused or if config.json is committed to source control.

✓ Persistence & Privilege

The skill does not request always:true, does not modify other skills, and runs as a normal process. It requires no elevated platform privileges beyond spawning child processes and writing local logs/config, which is appropriate for its purpose.

Version History

v1.0.3

- Added frontmatter with name, description, and tags to SKILL.md for improved metadata. - No changes to functionality or instructions—documentation only.

v1.0.2

- Added descriptive tags to SKILL.md for improved discoverability. - No functional or code changes; documentation only.

v1.0.1

- Added a brief summary at the top of SKILL.md explaining Cherry MCP's purpose and target scenario. - No functional or code changes; documentation only. - Clarified use-case for OpenClaw agents needing MCP tools without native support.

v1.0.0

Initial release: HTTP bridge for persistent MCP servers with REST API and CLI management. - Spawns and keeps MCP servers alive, auto-restarting on crash. - Exposes each MCP server’s tools and lifecycle functions as HTTP REST endpoints. - Includes CLI for adding/removing servers, managing environment variables, rate limiting, IP allowlist, and audit log. - Security: local-only binding, optional rate limiting, allowlist, audit logging, and 1MB request size limit. - Easy start-up and clear environment management guidance.

Metadata

Slug cherry-mcp

Version 1.0.3

License —

All-time Installs 0

Active Installs 0

Total Versions 4

Frequently Asked Questions

What is Cherry Mcp?

HTTP bridge that keeps MCP servers alive and exposes them via REST. Built for OpenClaw agents that need MCP tools without native MCP support. It is an AI Agent Skill for Claude Code / OpenClaw, with 1480 downloads so far.

How do I install Cherry Mcp?

Run "/install cherry-mcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Cherry Mcp free?

Yes, Cherry Mcp is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Cherry Mcp support?

Cherry Mcp is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Cherry Mcp?

It is built and maintained by EULOxGOS (@bitbrujo); the current version is v1.0.3.

More Skills

Cherry Mcp