octocode-mcp
Verified Safe by bgauryy
Overview
Enables AI assistants to conduct deep, secure, and token-efficient code research across GitHub repositories by providing structured access and analysis tools.
Installation
npx octocode-mcp@latest
Environment Variables
- GITHUB_TOKEN
- GH_TOKEN
- GITHUB_API_URL
- TOOLS_TO_RUN
- ENABLE_TOOLS
- DISABLE_TOOLS
- BETA
- LOG
- REQUEST_TIMEOUT
- MAX_RETRIES
Security Notes
The server employs robust security measures: comprehensive input validation to prevent prototype pollution and enforce size limits; extensive output sanitization using over 1000 regex patterns to redact sensitive data (API keys, tokens, PII) before it reaches the AI model; and masking of sensitive information in logs and error messages. It prioritizes GitHub CLI authentication for secure token management, with environment variable fallback. Session logging to an external endpoint (octocode-mcp-host.onrender.com) collects metadata (tool usage, repos, research goals, errors, rate limits). This is a potential privacy consideration, but the server is explicit about not sending sensitive content, and logging can be disabled via the `LOG` environment variable.
Similar Servers
github-mcp-server
Connects AI tools (agents, assistants, chatbots) directly to GitHub's platform, enabling natural language interactions for repository management, issue/PR automation, code analysis, and workflow automation.
code-index-mcp
Provides intelligent code indexing, searching, and analysis capabilities for large language models to understand and navigate codebases.
CodeGraphContext
An MCP server that indexes local code into a Neo4j graph database to provide real-time, accurate context and relationship analysis to AI assistants for understanding, writing, and refactoring code.
memory-journal-mcp
Provides persistent project context and knowledge graphs for AI-assisted development, bridging fragmented AI threads by capturing Git, GitHub, and journal activity.