codescene-mcp-server
Verified Safe
by codescene-oss
Overview
The CodeScene MCP Server exposes CodeScene's Code Health analysis as local AI-friendly tools to augment AI prompts with code quality insights.
Installation
docker run -it --rm -p 5000:5000 -e CS_ACCESS_TOKEN="YOUR_CODE_SCENE_TOKEN" -e CS_MOUNT_PATH="$(pwd)" -v "$(pwd):/mount" codescene/codescene-mcp
Environment Variables
- CS_ACCESS_TOKEN
- CS_ONPREM_URL
- CS_ACE_ACCESS_TOKEN
- CS_MOUNT_PATH
- CS_DEFAULT_PROJECT_ID
- REQUESTS_CA_BUNDLE
- SSL_CERT_FILE
- CURL_CA_BUNDLE
Security Notes
The server primarily acts as an intermediary, executing the local CodeScene CLI and calling CodeScene APIs. It uses `subprocess.run` to execute external commands, which is inherent to its functionality but generally well-controlled by the application logic. API tokens are expected from environment variables, and no hardcoded secrets were found. Path adaptation for Docker environments is implemented with checks to prevent unintended access. No obvious malicious patterns or obfuscation were observed. The primary security risk involves proper configuration of access tokens and host path mounts in Docker environments.
Similar Servers
code-index-mcp
Intelligent code indexing and analysis for Large Language Models, enabling tasks such as code review, refactoring, documentation generation, debugging assistance, and architectural analysis.
CodeGraphContext
An AI pair programmer that provides real-time, accurate, context-aware assistance by indexing and analyzing codebases (local projects and dependencies) using a graph database, facilitating code understanding, writing, and refactoring across multiple programming languages.
CodeGraphContext
This MCP Server acts as an expert AI pair programmer's backend, providing real-time, accurate code analysis, indexing, and relationship information from a local codebase to assist with understanding, writing, and refactoring code.
code-assistant
Standardizes communication between code editors and AI coding agents, enabling autonomous code analysis and modification via command-line, GUI, or server modes.