mcp-optimist
Verified Safeby Atomic-Germ
Overview
Provides comprehensive static code analysis and optimization suggestions for JavaScript/TypeScript codebases.
Installation
node dist/index.jsEnvironment Variables
- OPTIMIST_LOG_LEVEL
- OPTIMIST_MAX_FILES
- OPTIMIST_ANALYSIS_TIMEOUT
- OPTIMIST_PARALLEL_WORKERS
- OPTIMIST_CACHE_ENABLED
- OPTIMIST_CACHE_DIR
- NODE_OPTIONS
Security Notes
The core server performs static code analysis locally, with a stated design principle of 'Sandboxed Analysis: No code execution during analysis' and 'No Network Access: All analysis performed locally'. However, the utility scripts (`tools/ask_kimi.js`, `tools/ask_kimi_then_qwen.js`) utilize `child_process.execSync` and `spawn` to invoke internal tools and external LLMs (via the `consult_ollama` tool). While these calls are currently controlled to execute trusted local scripts/tools, dynamic code generation and execution (`fs.writeFileSync` then `node <temp_file>`) in `tools/ask_kimi_then_qwen.js` for LLM interaction is a potential vector for code injection if the LLM output is not properly sanitized before embedding it into executable code. No obvious hardcoded secrets or arbitrary network risks were found in the core server logic.
Similar Servers
Unity-MCP
AI-powered game development assistant that bridges Large Language Models (LLMs) with Unity Editor and runtime game builds, enabling AI to control Unity via the Model Context Protocol.
mcpd-proxy
Provides a network proxy for Minecraft Protocol connections, facilitating traffic management and potential modifications.
dev-kit-gh-mcp-server
A server providing Model Context Protocol (MCP) tools for automating and interacting with GitHub repositories, primarily for bots and AI agents.
strawberry-mcp
Provides an MCP tool for LLMs to count letter occurrences in words.