treesitter-mcp
Verified Safeby Christoph
Overview
Facilitates AI-powered code analysis and refactoring by exposing code structure, usage, and diff analysis across multiple languages via the Model Context Protocol (MCP).
Installation
/path/to/treesitter-mcpSecurity Notes
The server operates over standard I/O (stdio) and does not expose network ports, minimizing its external attack surface. It executes `git` commands for diff analysis, but implements input validation (`validate_git_revision`) using a regex to prevent command injection. File system access is limited to reading files specified by tool arguments; integrating client applications are responsible for sanitizing user-provided paths to prevent arbitrary file access. No dynamic code execution (e.g., 'eval') or hardcoded secrets were identified.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
In-Memoria
Provides persistent intelligence infrastructure for AI agents, enabling them to understand codebases, detect patterns, predict coding approaches, and generate context-aware insights.
easy-code-reader
Provides a Model Context Protocol (MCP) server for AI assistants to intelligently read Java source code from local projects and Maven dependencies, supporting decompilation and multi-module analysis.
ast-mcp-server
Provides an MCP (Model Context Protocol) server for code structure and semantic analysis using ASTs and ASGs, integrated with external AI clients like Claude Desktop.