git-mcp-scoped-repo-server
Verified Safeby alacambra
Overview
Provides Claude with scoped file system access and Git operations within a specific directory of a Git repository, ensuring path traversal protection.
Installation
node dist/index.jsEnvironment Variables
- MCP_SCOPED_REPO_PATH
- MCP_SCOPED_REPO_ROOT
Security Notes
The server implements robust path validation using `path.resolve` and `path.normalize` to prevent path traversal attacks, explicitly checking if resolved paths remain within the configured `basePath`. File system operations use `fs/promises`. Git commands are executed via `child_process.execFile` which is safer than `exec` as it avoids shell interpretation of arguments, with `cwd` explicitly set to the `repoRoot`. Delete operations are intentionally omitted. No 'eval' or other dynamic code execution is apparent. No hardcoded secrets were found. The server communicates via standard I/O (StdioServerTransport) which typically implies local process communication rather than exposing network ports by default, reducing external attack surface.
Similar Servers
DesktopCommanderMCP
This server empowers AI agents to search, update, manage files, and execute terminal commands on a local or containerized desktop environment. It provides enhanced filesystem operations, process control, and data analysis capabilities with support for various file types like text, Excel, and PDF.
cldcde
A persistent context manager that scrapes, stores, searches, and analyzes AI conversations from various platforms (ChatGPT, Grok, Gemini, Claude) to support project development and insights.
claude-code-plugins
This repository provides a collection of plugins for Claude Code, enabling the AI agent to interact with external developer tools for tasks like Sentry error diagnosis, PostHog feature management, and detailed codebase analysis using a specialized CLI.
session-buddy
The MCP server provides comprehensive session management, conversation memory, quality monitoring, and developer tooling integration for Claude Code projects, aiming to reduce token usage and enhance development workflows. It integrates with various LLM providers, Git worktrees, and code quality tools like Crackerjack.