octocode-mcp
Verified Safeby bgauryy
Overview
The Octocode Research server enables AI agents to perform expert code forensics and deep-dive research across local filesystems (LSP, ripgrep, file I/O) and external GitHub repositories (code search, repo structure, pull requests, package search). It's optimized for architectural analysis, pattern discovery, and implementation planning.
Installation
npm startEnvironment Variables
- GITHUB_TOKEN
- GITLAB_TOKEN
- GITLAB_HOST
- WORKSPACE_ROOT
- LOG
- REDACT_ERROR_PATHS
- OCTOCODE_TS_SERVER_PATH
- OCTOCODE_PYTHON_SERVER_PATH
- OCTOCODE_GO_SERVER_PATH
- OCTOCODE_RUST_SERVER_PATH
- OCTOCODE_JAVA_SERVER_PATH
- OCTOCODE_RUBY_SERVER_PATH
- OCTOCODE_C_SERVER_PATH
- OCTOCODE_CPP_SERVER_PATH
- OCTOCODE_CSHARP_SERVER_PATH
- OCTOCODE_PHP_SERVER_PATH
- OCTOCODE_SWIFT_SERVER_PATH
- OCTOCODE_KOTLIN_SERVER_PATH
- OCTOCODE_TOKEN
Security Notes
The server implements strong security measures including Zod-based input validation, explicit path traversal protection, and command injection prevention for spawned child processes (e.g., `ripgrep`, `ls`). Sensitive data is redacted from logs and output. Authentication tokens are handled securely via environment variables, GitHub CLI, or an encrypted local store. The server binds to `localhost` by default. External exposure would require additional security layers.
Similar Servers
github-mcp-server
The GitHub MCP Server enables AI agents, assistants, and chatbots to interact with GitHub's platform for repository management, issue/PR automation, CI/CD intelligence, code analysis, and team collaboration through natural language.
CodeMCP
Provides deep code intelligence (symbol navigation, impact analysis, architecture maps, ownership, risk assessment) to AI assistants, CLI, and HTTP API.
codebase-context
Provides AI coding agents with real-time, context-rich insights into a codebase's patterns, libraries, architecture, and conventions to improve code generation quality and alignment with team standards.
github-mcp-server
Comprehensive GitHub workflow automation for AI-powered development teams, including actions monitoring, PR management, intelligent code search, and complete file management.