codemesh
by IDragos94
Overview
CodeMesh acts as an intermediary MCP server that allows AI agents to write and execute TypeScript code to orchestrate tools and data from multiple configured MCP servers, featuring a self-improving augmentation system for documentation.
Installation
npx codemeshSecurity Notes
The project relies on `vm2@3.9.19` for sandboxed TypeScript code execution. The `pnpm-lock.yaml` explicitly marks this dependency as "deprecated: The library contains critical security issues and should not be used for production! The maintenance of the project has been discontinued. Consider migrating your code to isolated-vm." This poses a significant security risk, as a malicious agent or crafted input could exploit these vulnerabilities to break out of the sandbox. While `eval: false` and `wasm: false` are configured, these do not mitigate the underlying `vm2` security issues. Environment variable handling for sub-servers correctly uses substitution to prevent hardcoding secrets.
Similar Servers
seamless-agent
Empowers AI agents within GitHub Copilot Chat (or similar LM clients) to seek interactive user confirmation and feedback via specialized tools (ask_user, plan_review, walkthrough_review) before executing actions, ensuring user control.
strawberry-mcp
This MCP server provides a tool for Large Language Models (LLMs) to count the occurrences of a specific letter within a given word, serving as a simple joke/learning example for building MCP tools.
MinecraftDeveloperMCP
Provides an HTTP API for Spigot/Paper Minecraft servers to enable external tooling for automated administration and management.
mcp-servers-devops-toolkit
Provides a curated list of Model Context Protocol (MCP) servers relevant to DevOps workflows for AI agents and developers.