Anti-Soy
Verified Safe by EricJujianZou
Overview
Automated GitHub profile analysis for assessing developer skills and detecting AI-generated code in hiring processes.
Installation
cd server && uv run uvicorn main:app --reload
Environment Variables
- GITHUB_TOKEN
- GEMINI_API_KEY
- VITE_API_BASE_URL
Security Notes
The server clones external GitHub repositories into a temporary directory and processes their content for analysis. While safeguards like file size limits (`MAX_FILE_SIZE`, `MAX_TOTAL_CONTENT`) are in place, processing arbitrary external code always carries inherent risks (e.g., resource exhaustion from specially crafted large or malicious files). Subprocess calls for `git clone` and `git log` are constructed with parsed URL components and safe paths, mitigating direct command injection risks. CORS is set to `allow_origins=["*"]` in `server/main.py`, which is insecure for production but specified in the README as a development setting. No direct `eval` or obvious code execution from uncontrolled user input was found.
Similar Servers
github-mcp-server
The GitHub MCP Server enables AI agents, assistants, and chatbots to interact with GitHub's platform for repository management, issue/PR automation, CI/CD intelligence, code analysis, and team collaboration through natural language.
octocode-mcp
The Octocode Research server enables AI agents to perform expert code forensics and deep-dive research across local filesystems (LSP, ripgrep, file I/O) and external GitHub repositories (code search, repo structure, pull requests, package search). It's optimized for architectural analysis, pattern discovery, and implementation planning.
CodeGraphContext
This MCP Server acts as an expert AI pair programmer's backend, providing real-time, accurate code analysis, indexing, and relationship information from a local codebase to assist with understanding, writing, and refactoring code.
codebase-context
Provides AI coding agents with real-time, context-rich insights into a codebase's patterns, libraries, architecture, and conventions to improve code generation quality and alignment with team standards.