multi-repo-context-MCP-server
by alessandropac96
Overview
A reusable server for agents to interact with and gain context from multiple local code repositories using a hierarchical tool organization.
Installation
npm startEnvironment Variables
- MULTI_REPO_MCP_CONFIG
- MULTI_REPO_MCP_REPOS_PATH
- DEBUG
Security Notes
The server dynamically loads tool modules using `import()` based on paths specified in its configuration files (e.g., `repo.tools` property). If a malicious actor can compromise or inject into the `.multi-repo-mcp/repos.json` (project-local or user config) or control the `MULTI_REPO_MCP_CONFIG` environment variable, they could specify paths to arbitrary code, leading to Remote Code Execution (RCE). Additionally, the `search_across_repos` tool uses a user-provided `query` in a regular expression, which could be vulnerable to Regular Expression Denial of Service (ReDoS) attacks. File system operations (`fs.readFile`, `fs.readdir`) are used, which, while generally restricted to configured `repoPath`s, could pose a risk if `repoPath` validation is circumvented (e.g., via symlinks, though `RepoValidator` attempts to prevent this).
Similar Servers
git-mcp-server
A Model Context Protocol (MCP) server that provides Git-specific tools and resources for AI/LLM agents to interact with version control systems.
mcp-mcp
Discovers and suggests other Model Context Protocol (MCP) servers to AI assistants based on natural language queries, returning their full documentation.
ultrascript-tools-mcp
An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.