code-buddy
by Abhi-vish
Overview
An AI-powered coding companion that functions as a Model Context Protocol (MCP) server, providing AI assistants with extensive file system and development tools.
Installation
uv --directory /path/to/code-buddy run python -m src.server.mainEnvironment Variables
- OPENAI_API_KEY
- PROJECT_ROOT
- ALLOW_EXTERNAL_PATHS
- MAX_FILE_SIZE
- MAX_DEPTH
- LOG_LEVEL
Security Notes
The server includes a `RunCommandTool` that uses `subprocess.run` (or `asyncio.create_subprocess_shell`) to execute arbitrary shell commands based on LLM output. Additionally, the `PathValidator`'s `allow_external_paths` is `true` by default, meaning the agent can access and modify files anywhere on the file system, not just within the project root. These features, while powerful, introduce significant security risks if the LLM's command generation or file access can be exploited by malicious prompts, potentially leading to arbitrary code execution or unauthorized file manipulation outside the intended project scope. The `edit_file` tool also has a strict matching requirement, pushing agents towards `write_file` which is more destructive for broad changes.
Similar Servers
XcodeBuildMCP
A Model Context Protocol (MCP) server that provides Xcode-related tools for AI assistants, enabling programmatic interaction with Xcode projects, simulators, devices, and Swift packages.
wcgw
An MCP server that empowers AI chat applications to execute shell commands, edit code, and manage project context on a local machine for development tasks.
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
doc-bot
An intelligent MCP server designed to enhance AI coding assistants by providing project-specific documentation and API references through smart search, contextual rules, and live updates.