Kaya
mcp
Warn
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Warn
- network request — Outbound network request in src/Kaya.ApiExplorer/UI/SignalR/signalr-debug.js
- network request — Outbound network request in src/Kaya.GrpcExplorer/UI/script.js
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
This tool is a suite of lightweight .NET developer packages designed for automatically discovering, debugging, and testing HTTP APIs, gRPC services, and SignalR hubs. It also includes an MCP server that allows AI assistants to invoke these services directly.
Security Assessment
Overall risk: Low. The tool does not request dangerous system permissions or execute shell commands, and no hardcoded secrets were found. Because its primary function is debugging networked services, it naturally makes outbound network requests (specifically noted in the JavaScript UI files for API and gRPC exploration). It is designed to handle authentication mechanisms like Bearer tokens and API keys, so developers should ensure these sensitive credentials are managed securely within their development environments and are never accidentally committed to version control.
Quality Assessment
The project benefits from the highly permissive MIT license and a clear, comprehensive description. The repository is actively maintained, with the most recent push occurring today. However, it currently suffers from very low community visibility, having accumulated only 5 GitHub stars. This indicates that while the project is actively developed by its creator, it has not yet undergone widespread peer review or broad community adoption.
Verdict
Use with caution—while the code is actively maintained, properly licensed, and free of obvious security risks, its low community adoption means it has not yet been broadly battle-tested.
This tool is a suite of lightweight .NET developer packages designed for automatically discovering, debugging, and testing HTTP APIs, gRPC services, and SignalR hubs. It also includes an MCP server that allows AI assistants to invoke these services directly.
Security Assessment
Overall risk: Low. The tool does not request dangerous system permissions or execute shell commands, and no hardcoded secrets were found. Because its primary function is debugging networked services, it naturally makes outbound network requests (specifically noted in the JavaScript UI files for API and gRPC exploration). It is designed to handle authentication mechanisms like Bearer tokens and API keys, so developers should ensure these sensitive credentials are managed securely within their development environments and are never accidentally committed to version control.
Quality Assessment
The project benefits from the highly permissive MIT license and a clear, comprehensive description. The repository is actively maintained, with the most recent push occurring today. However, it currently suffers from very low community visibility, having accumulated only 5 GitHub stars. This indicates that while the project is actively developed by its creator, it has not yet undergone widespread peer review or broad community adoption.
Verdict
Use with caution—while the code is actively maintained, properly licensed, and free of obvious security risks, its low community adoption means it has not yet been broadly battle-tested.
Interactive real-time debugging and testing for .NET APIs, SignalR hubs, and gRPC services in .NET, plus an MCP server for AI-hosted invocation workflows, delivered as a suite of NuGet packages.
README.md
Kaya Developer Tools
A collection of lightweight development tools for .NET applications that provide automatic discovery and interactive testing capabilities.
Tools
Kaya.ApiExplorer
Swagger-like API documentation tool that automatically scans HTTP endpoints and displays them in an interactive UI.
Features:
- Automatic Discovery - Scans controllers and endpoints using reflection
- Interactive UI - Test endpoints directly from the browser with real-time responses
- Authentication - Support for Bearer tokens, API keys, and OAuth 2.0
- SignalR Debugging - Real-time hub testing with method invocation and event monitoring
- XML Documentation - Automatically reads and displays your code comments
- Code Export - Generate request snippets in multiple programming languages
- Performance Metrics - Track request duration and response size
Kaya.GrpcExplorer
gRPC service explorer that uses Server Reflection to discover and test gRPC services.
Features:
- Automatic Service Discovery - Uses gRPC Server Reflection to enumerate services and methods
- All RPC Types - Support for Unary, Server Streaming, Client Streaming, and Bidirectional Streaming
- Protobuf Schema - Automatically generates JSON schemas from Protobuf message definitions
- Interactive Testing - Execute gRPC methods with JSON payloads directly from the browser
- Server Configuration - Connect to local or remote gRPC servers with custom metadata
- Authentication - Support for metadata-based authentication (Bearer tokens, API keys)
- Streaming Support - View streaming responses with pagination for large message volumes
Kaya.McpServer
MCP stdio server for invoking HTTP APIs, gRPC methods, and SignalR hubs from MCP hosts (Copilot, Cursor, Claude).
Features:
- MCP Tool Surface - HTTP API, gRPC method, and SignalR hub invocation tools exposed via MCP
- Host Integration - Works with MCP-capable clients over stdio transport
- Flexible Configuration - Supports command args, env vars, and JSON config file
License
This project is licensed under the MIT License - see the LICENSE file for details.
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found