scraps
Verified Safeby boykush
Overview
A local CLI tool and Model Context Protocol (MCP) server for managing interconnected Markdown documentation, enabling static site generation, searching, templating, and AI assistant integration for knowledge base interaction.
Installation
scraps mcp serveSecurity Notes
The server operates as a local CLI tool, primarily interacting with user-controlled project directories. Path handling uses `std::path::PathBuf::join` and `strip_prefix`, which are robust against path traversal when combining trusted base paths with relative user input. External `git` commands are executed but scoped to the project directory. The HTTP server (`serve` command) and MCP server (`mcp serve` command) expose local services, which are typically safe within a local execution context. No `eval` or hardcoded sensitive credentials were found. The main security consideration is the inherent risk of any local CLI tool if a user is coerced into running it with a maliciously crafted `project_path`.
Similar Servers
docs-mcp-server
The Documentation MCP Server indexes documentation from various sources (web, local files, registries) and makes it semantically searchable via vector embeddings, primarily for AI coding assistants.
chunkhound
Transforms codebases into searchable knowledge bases for AI assistants using semantic search and regex search, with deep research capabilities for code and files.
mcp-obsidian
Connects AI assistants to Obsidian vaults for secure and intelligent interaction, enabling AI-powered knowledge management.
pluggedin-app
A testing environment for MCP (Model Context Protocol) servers, enabling interaction via a chat interface powered by Large Language Models (LLMs) and LangChain ReAct framework.