mcp-fs-server
by bramburn
Overview
Provides a Model Context Protocol (MCP) server that indexes code repositories for real-time semantic search, leveraging Ollama embeddings and Qdrant for vector storage.
Installation
node build/index.jsEnvironment Variables
- REPO_PATH
- QDRANT_URL
- QDRANT_API_KEY
- QDRANT_COLLECTION
- OLLAMA_MODEL
Security Notes
Hardcoded PostHog API key is present in both the MCP server and the VS Code extension's analytics services. This exposes a private API key, although it's for analytics. A more significant concern is the `FileHandler.handleExecuteCommand` in the VS Code extension, which executes arbitrary VS Code commands (`vscode.commands.executeCommand`) based on webview input without apparent whitelisting. This poses a critical vulnerability, as a malicious webview could trigger arbitrary code execution or system modifications within the VS Code environment. While the `ClipboardManager` has a `SENSITIVE_FILE_BLOCKLIST`, this arbitrary command execution could potentially bypass such file-based security checks.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
codegraph-rust
Transforms codebases into a semantically searchable knowledge graph, enabling AI agents to reason about code relationships, architecture, and impact rather than just performing text-based searches.
context-engine
Provides an agent-agnostic local context engine via Model Context Protocol (MCP) for coding agents, enabling semantic search, planning, code review, and prompt enhancement with AI integration.
semantic-code-search-mcp-server
This MCP server exposes indexed code data to AI coding agents, enabling structured interaction for codebase understanding, code discovery, symbol analysis, and file content reconstruction.