ast-mcp-server
Verified Safeby angrysky56
Overview
Provides a Model Context Protocol (MCP) server for deep code analysis, offering Abstract Syntax Tree (AST) and Abstract Semantic Graph (ASG) generation, code structure analysis, and transformation capabilities, primarily for integration with AI agents like Claude Desktop.
Installation
uv run ast-mcp-serverEnvironment Variables
- OPENROUTER_API_KEY
- OPENROUTER_CHAT_MODEL
- OPENROUTER_EMBED_MODEL
- NEO4J_URI
- NEO4J_USER
- NEO4J_PASSWORD
- NEO4J_DB
- AST_CACHE_SIZE
Security Notes
The server uses `subprocess.run` to execute the `ast-grep` CLI tool. The developers acknowledge this and implement mitigations by avoiding `shell=True`, passing arguments as a list, and resolving absolute paths, which reduces the risk of shell injection (as noted by `trunk-ignore(bandit/B603)`). Sensitive credentials like API keys (OpenRouter) and Neo4j database access are handled using environment variables, which is a secure practice. No `eval` or other direct code execution vulnerabilities from untrusted input were identified.
Similar Servers
Delphi-MCP-Server
Implements the Model Context Protocol (MCP) in Delphi to enable AI-powered development workflows and integrate with clients like Claude Code.
consult-llm-mcp
An MCP server that allows an AI agent (Claude Code) to consult more powerful external AI models for code analysis, debugging, and review, providing relevant files and git diffs as context.
claude-faf-mcp
Provides AI-optimized context for software projects to large language models, enhancing collaboration and project understanding via 50+ specialized tools within Claude Desktop workflows.
ultrascript-tools-mcp
An AI-powered assistant for analyzing, navigating, and refactoring codebases using a code graph and semantic search.