codebase-context
Verified Safeby PatrickSys
Overview
An MCP server providing real-time codebase context (patterns, libraries, architecture, momentum) to AI coding agents to improve code quality and adherence to team standards.
Installation
npx codebase-context /path/to/your/projectEnvironment Variables
- EMBEDDING_PROVIDER
- EMBEDDING_MODEL
- OPENAI_API_KEY
- CODEBASE_ROOT
- CODEBASE_CONTEXT_DEBUG
Security Notes
The server executes `git log` via `child_process.exec` to gather file commit dates for pattern momentum analysis. While `exec` can be risky, its usage here is limited to a specific, non-user-controlled command (`git log`) and wrapped with error handling, reducing the direct arbitrary command injection risk. It can be configured to use OpenAI embeddings, which requires an `OPENAI_API_KEY` that should be managed securely. The `apiEndpoint` for OpenAI is configurable; using an untrusted endpoint could compromise the API key. There are no obvious hardcoded secrets or malicious patterns (e.g., `eval` of user input) detected. The tool runs locally, limiting external attack surface.
Similar Servers
context7
The Context7 MCP server provides up-to-date, version-specific documentation and code examples from source repositories directly into LLM prompts to improve AI coding assistance.
code-index-mcp
Intelligent code indexing and analysis for Large Language Models, enabling tasks such as code review, refactoring, documentation generation, debugging assistance, and architectural analysis.
chunkhound
Local-first codebase intelligence tool for AI assistants, extracting architecture, patterns, and institutional knowledge at any scale via Model Context Protocol (MCP).
CodeGraphContext
An AI pair programmer that provides real-time, accurate, context-aware assistance by indexing and analyzing codebases (local projects and dependencies) using a graph database, facilitating code understanding, writing, and refactoring across multiple programming languages.