python-dependency-manager-companion-mcp-server
Verified Safeby KemingHe
Overview
Provides up-to-date Python package manager documentation to AI agents, cross-referencing official docs for pip, conda, poetry, uv, pixi, and pdm.
Installation
docker run -i --rm keminghe/py-dep-man-companionSecurity Notes
The server primarily functions as a search interface over pre-indexed documentation. It uses Tantivy for search, which is a library for information retrieval, not code execution. No direct use of 'eval' or arbitrary code execution mechanisms is apparent in the provided Python source summaries. Network risks are limited to outbound connections for documentation updates (which occur weekly, not on user request) and serving search results via standard I/O. There are no exposed APIs beyond stdin/stdout, reducing external attack surface. No hardcoded secrets were found. The primary risk would stem from vulnerabilities in the Tantivy library or the FastMCP framework itself, rather than the application logic.
Similar Servers
context7
Provides LLMs with up-to-date, version-specific documentation and code examples for various programming libraries to enhance code generation and API usage accuracy.
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
package-registry-mcp
Enables AI assistants and agents to search various package registries (NPM, Cargo, NuGet, PyPI, Go) and retrieve up-to-date package information.
pypi-query-mcp-server
A Model Context Protocol (MCP) server for querying PyPI package information, dependencies, and compatibility checking for LLM-based coding agents.