MCP.so
Sign In
Servers

Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)

@kuyazee

Self-hosted artifact publishing — POST HTML/JSX/Markdown/zip, get an unguessable public URL. MCP server built in.

Overview

What is Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)?

Artifacts is a self-hosted service that lets you publish HTML, JSX/TSX React components, Markdown, or zipped static sites to public, unguessable URLs on your own domain. It includes a built-in MCP server for AI coding agents and a drag-and-drop web UI for humans.

How to use Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)?

Deploy with Docker Compose, Docker, or bare Node (requires Node ≥22 and setting ARTIFACTS_API_KEY and BASE_URL environment variables). Then publish artifacts via curl, the included CLI (node cli.js), or MCP tools (e.g., publish_artifact). The web UI at / allows drag-and-drop management after authenticating with the API key.

Key features of Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)

  • Four content types: HTML, JSX/TSX, Markdown, and zip static sites.
  • MCP server at /mcp for AI agents (publish, update, disable, list, delete).
  • Web UI with drag-and-drop upload and lifecycle management.
  • Lifecycle controls: rename slugs, disable/enable, auto-expiry (410).
  • Non-crawlable: noindex headers and deny-all robots.txt.
  • Zip upload validation: requires index.html, static extensions only, rejects traversal/symlinks.

Use cases of Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)

  • AI agents publishing generated dashboards, prototypes, or reports.
  • Human developers quickly sharing static sites or React components.
  • Self-hosted alternative to Claude’s hosted artifact URLs.
  • Sharing ephemeral content with auto-expiry and slug management.

FAQ from Artifacts — self-hosted artifact publishing (HTML/JSX/Markdown/zip → unguessable URL)

How is security handled?

Write access requires a bearer token (ARTIFACTS_API_KEY). Host on a dedicated subdomain with no cookies. Responses include X-Robots-Tag: noindex, CSP, and other security headers. Reads are public by design—the unguessable slug is the access control.

What are the runtime requirements?

Node.js ≥22 is required. No database, no accounts—artifacts are stored as plain files under /data. The server is a single Express process (~600 lines).

Where are artifacts stored?

All artifacts are stored as plain files in DATA_DIR (default: /data). You must mount a persistent volume to /data (e.g., -v artifacts-data:/data).

What are the upload limits?

JSON body limit: 10 MB. Zip body limit: 50 MB input, max 100 MB uncompressed, max 2000 files. Zip archives must contain an index.html and only static-friendly extensions are allowed.

Do JSX/TSX artifacts require internet to render?

Yes. React components are rendered client‑side via esm.sh and Tailwind CDN, so the browser needs internet access. First load typically takes 1–3 seconds.

More from Other