mcp
by LandonSchropp
Overview
A personal Model Context Protocol (MCP) server providing custom prompts and tools for writing assistance, code planning, and Git/GitHub interactions, designed to integrate with AI agents like Claude Code.
Installation
landon-schropp-mcpEnvironment Variables
- PLANS_DIRECTORY
- WRITING_FORMAT
- WRITING_VOICE
- WRITING_IMPROVEMENT
Security Notes
CRITICAL PATH TRAVERSAL VULNERABILITY: The `create_plan_template` tool uses user-provided `featureBranch` directly in `path.join` and `path.resolve` to construct file paths. A malicious user could provide a `featureBranch` like `../../../../etc` to write files outside the intended `PLANS_DIRECTORY`, potentially leading to arbitrary file writes on the host system. This is a severe vulnerability. Additional points: - Reliance on external CLI tools (`git`, `gh`): Assumes these tools are installed and configured securely on the host system. While `nano-spawn` correctly passes arguments as arrays (mitigating simple command injection), the security posture depends on these external binaries. - No `eval` or obvious hardcoded secrets were found. - Environment variables are explicitly required and not hardcoded, which is a good practice.
Similar Servers
mcp-servers
Provides a curated collection of Model Context Protocol (MCP) server configurations to enable AI agents to interact with various developer tools and services.
claude-prompts-mcp
Manages hot-reloadable prompt templates, structured reasoning, and multi-step chain workflows to enhance AI assistant interactions through a Model Context Protocol (MCP) compatible server.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.
mcp-ai-agent-guidelines
A comprehensive framework for building, orchestrating, and validating AI agents and their design processes, with a strong focus on code quality, security, and prompt engineering.