blink
Verified Safe
by GitHubNexon
Overview
An AI-powered agentic command-based assistant that can read, create, and modify code files using Replicate's Claude models.
Installation
python main.py
Environment Variables
- REPLICATE_API_TOKEN
- MODEL
- WORKSPACE_ROOT
Security Notes
The server demonstrates strong security practices, particularly in API token handling (in-memory, cleared on exit, never saved to disk, validated on startup) and file system interactions (using `pathvalidate.sanitize_filepath` and explicit path resolution to the `workspace_root`). There is no use of `eval` or `exec` on user-controlled input, mitigating common code injection risks. All file operations are channeled through a robust file handler, reducing path traversal vulnerabilities. The primary remaining risk is the inherent nature of AI code generation, where a malicious prompt could potentially lead the AI to generate insecure code, but the server's implementation itself is secure.
Similar Servers
DesktopCommanderMCP
This server empowers AI agents to search, update, manage files, and execute terminal commands on a local or containerized desktop environment. It provides enhanced filesystem operations, process control, and data analysis capabilities with support for various file types like text, Excel, and PDF.
wcgw
Empowering chat applications to code, build, and run on your local machine by providing tightly integrated shell and code editing tools.
code-assistant
Standardizes communication between code editors and AI coding agents, enabling autonomous code analysis and modification via command-line, GUI, or server modes.
responsible-vibe-mcp
Manages conversation state and guides LLM coding agents through structured software development workflows with long-term project memory and multi-agent collaboration.