codebase-context-mcp
by PatrickSys
Overview
An MCP server that provides AI agents with deep, context-aware understanding of a codebase's patterns, libraries, conventions, and architecture for generating more accurate and relevant code.
Installation
npx codebase-context-mcp /path/to/your/project
Environment Variables
- CODEBASE_ROOT
Security Notes
The `LanceDBStorageProvider.search` method constructs 'where' clauses for database queries using direct string interpolation of filter values (e.g., `filters.framework`, `filters.componentType`, `filters.layer`, `filters.language`). If an MCP client sends untrusted or malicious strings for these filters (e.g., `'angular' OR 1=1 --`), it could lead to a LanceDB query injection, allowing attackers to bypass intended filtering logic and potentially access unauthorized data or disrupt query execution. This is a critical vulnerability as the input schema for the `search_codebase` tool does not specify validation or sanitization for these string inputs. No other 'eval' or direct arbitrary code execution was identified.
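The interpolation pattern described above next to a validated builder, as an added example that is not the project's own code. The function names, the value pattern, and the assumption that column names match the filter names are hypothetical.

```javascript
// Added example: hypothetical helpers, not taken from codebase-context-mcp.
// Assumption: table columns carry the same names as the filter keys.
const FILTER_COLUMNS = ['framework', 'componentType', 'layer', 'language'];
// Assumption: legitimate filter values are short identifier-like tokens.
const SAFE_VALUE = /^[A-Za-z0-9][A-Za-z0-9_.+#-]{0,63}$/;

// The pattern the security note describes: values interpolated as-is,
// so a quote in the value ends the string literal and changes the filter.
function buildWhereUnsafe(filters) {
  return FILTER_COLUMNS
    .filter((col) => filters[col] !== undefined)
    .map((col) => `${col} = '${filters[col]}'`)
    .join(' AND ');
}

// Hardened form: unknown keys and non-conforming values are rejected
// before any clause is built. Quote doubling stays as defence in depth
// in case the value pattern is loosened later.
function buildWhereSafe(filters) {
  const clauses = [];
  for (const [key, value] of Object.entries(filters)) {
    if (!FILTER_COLUMNS.includes(key)) {
      throw new Error(`unknown filter: ${key}`);
    }
    if (typeof value !== 'string' || !SAFE_VALUE.test(value)) {
      throw new Error(`invalid value for filter: ${key}`);
    }
    clauses.push(`${key} = '${value.replace(/'/g, "''")}'`);
  }
  return clauses.join(' AND ');
}

// Constructed input: the string quoted in the security note.
const hostile = { framework: "'angular' OR 1=1 --" };

console.log('unsafe:', buildWhereUnsafe(hostile));
try {
  buildWhereSafe(hostile);
} catch (err) {
  console.log('safe  :', err.message);
}
console.log('safe  :', buildWhereSafe({ framework: 'angular', layer: 'core' }));
```

The same constraint can also be declared in the `search_codebase` input schema so that non-conforming values are rejected before they reach the storage provider.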
Similar Servers
ssh-mcp-server
Enables AI assistants to securely interact with remote SSH servers for command execution, file transfers, and port forwarding.
mcp-code-exec-python
This server provides a Model Context Protocol (MCP) interface for executing arbitrary Python code snippets, including optional pip package installations, primarily designed for agent-based interactions on Heroku.
red_teaming_mcp_server
Provides file system access, web content fetching, Git repository interaction, time utilities, memory management via a knowledge graph, and sequential thinking capabilities for LLMs.
KM-remote-mcp-server
AI-powered expense management assistant that helps users track, summarize, and manage their personal expenses through natural language interactions.