git-mcp-server
by GHjiejie
Overview
This server provides a Model Context Protocol (MCP) interface for executing Git operations and generating AI-powered weekly reports using a local Ollama instance.
Installation
npm startSecurity Notes
The server uses `child_process.exec` to execute Git commands. Several handlers, such as `handleGitAdd`, `handleGitBranch`, and `handleGitRemote`, directly concatenate user-provided arguments (`files`, `branchName`, `name`, `url`) into shell commands without sufficient sanitization. This presents a critical shell injection vulnerability, allowing an attacker to execute arbitrary commands on the host system by crafting malicious input arguments. While `git_commit` attempts basic escaping for the message, it's not comprehensive enough for all shell contexts, and other commands lack even this basic protection. The `directory` argument is also directly used as `cwd`, which could be exploited in conjunction with injection to target specific paths.
Similar Servers
mcp-server-typescript
Provides a Model Context Protocol (MCP) server to enable AI assistants to access DataForSEO's SEO data APIs through a standardized interface.
ssh-mcp-server
Provides secure SSH capabilities (command execution, SFTP, port forwarding, templates) for AI assistants to manage remote servers.
tinystruct-mcp
A modular Java server providing a JSON-RPC interface for file system and Git/GitHub operations, aimed at automation and DevOps workflows.
mcp_tools_server
An MCP server that empowers an LLM to act as a comprehensive, multi-platform AI assistant capable of managing files, system processes, web browsing, personal organization, and media control on a local device.