tree-sitter-analyzer
Verified Safeby aimasteracc
Overview
Enterprise-grade code analysis and structural extraction across multiple programming languages, optimized for AI assistant integration via MCP protocol to assist in development workflows and token optimization.
Installation
uvx --from tree-sitter-analyzer[mcp] tree-sitter-analyzer-mcpEnvironment Variables
- TREE_SITTER_PROJECT_ROOT
- TREE_SITTER_OUTPUT_PATH
- TREE_SITTER_ANALYZER_ENABLE_FILE_LOG
- TREE_SITTER_ANALYZER_LOG_DIR
- TREE_SITTER_ANALYZER_FILE_LOG_LEVEL
- LOG_LEVEL
Security Notes
The project demonstrates a strong focus on security, with dedicated modules for path validation, input sanitization, and project boundary enforcement. It explicitly mentions protection against path traversal, null byte injection, and Unicode normalization attacks, and removes sensitive information from error responses. While Python's `subprocess.run` is used for integrating `fd` and `ripgrep`, the implementation appears to sanitize inputs and control commands, reducing common attack vectors. No direct 'eval' or obvious hardcoded secrets were found in the truncated code.
Similar Servers
code-index-mcp
Provides intelligent code indexing, searching, and analysis capabilities for large language models to understand and navigate codebases.
chunkhound
Transforms codebases into searchable knowledge bases for AI assistants using semantic search and regex search, with deep research capabilities for code and files.
CodeGraphContext
An MCP server that indexes local code into a Neo4j graph database to provide real-time, accurate context and relationship analysis to AI assistants for understanding, writing, and refactoring code.
code-assistant
An AI coding assistant that integrates with code editors to provide autonomous code analysis and modification, supporting multiple UI modes and the Agent Client Protocol (ACP).