kgraph
Verified Safeby DeepakJangra239
Overview
Indexes codebases into a knowledge graph to enable semantic search, precise code navigation, and impact analysis for LLM agents.
Installation
uv tool run kgraphSecurity Notes
The project uses `sqlite3` with parameterized queries, and `yaml.safe_load` for parsing configuration, which are good practices. File system operations are scoped to a user-provided root path. Dynamic module loading for Tree-sitter parsers (`importlib.import_module`) is based on internal, trusted YAML configuration files, mitigating risk. There are no obvious `eval()` calls or direct `subprocess` invocations with unsanitized user input. The primary security consideration would be if an attacker could somehow inject malicious content into the `root_path` or internal configuration files, which is outside the immediate scope of the server's code handling.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
code-index-mcp
Intelligent code indexing and analysis for Large Language Models, enabling tasks such as code review, refactoring, documentation generation, debugging assistance, and architectural analysis.
CodeGraphContext
An AI pair programmer that provides real-time, accurate, context-aware assistance by indexing and analyzing codebases (local projects and dependencies) using a graph database, facilitating code understanding, writing, and refactoring across multiple programming languages.
CodeGraphContext
This MCP Server acts as an expert AI pair programmer's backend, providing real-time, accurate code analysis, indexing, and relationship information from a local codebase to assist with understanding, writing, and refactoring code.