search-mcp
Verified Safeby blakazulu
Overview
A local-first Model Context Protocol (MCP) server providing semantic search and indexing capabilities for codebases, enabling AI assistants to understand and interact with project code and documentation.
Installation
npx @liraz-sbz/search-mcpEnvironment Variables
- DATABASE_HOST
- DATABASE_PORT
- DATABASE_NAME
- DATABASE_USER
- DATABASE_PASSWORD
- JWT_SECRET
- SESSION_EXPIRY
- GOOGLE_CLIENT_ID
- GOOGLE_CLIENT_SECRET
- GITHUB_CLIENT_ID
- GITHUB_CLIENT_SECRET
Security Notes
The server demonstrates strong security practices for a local-first application. It uses a stdio transport, limiting external network exposure by default. Comprehensive path validation (e.g., `safeJoin`, `normalizePathUnicode`, symlink checks) is implemented to prevent path traversal and arbitrary file deletion. SQL injection is mitigated using `escapeSqlString`, and input schemas prevent oversized or malformed inputs (DoS protection). Concurrency is managed with `IndexingLock` to prevent race conditions during index operations.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
context-engine
Provides an agent-agnostic local context engine via Model Context Protocol (MCP) for coding agents, enabling semantic search, planning, code review, and prompt enhancement with AI integration.
CodeMCP
Provides deep code intelligence (symbol navigation, impact analysis, architecture maps, ownership, risk assessment) to AI assistants, CLI, and HTTP API.
sourcegraph-mcp
Provides AI-enhanced code search and content fetching capabilities from Sourcegraph instances to LLM agents.