code-memory
by consigcody94
Overview
A persistent context vault for AI-assisted development, solving the 'missing context' problem by remembering decisions, indexing code, preserving conversations, and tracking evolution.
Installation
npx code-memoryEnvironment Variables
- CODE_MEMORY_DIR
Security Notes
The server's core functionality involves indexing and searching local file systems (`index_codebase`, `search_code`) based on user-provided paths. While `path.resolve` normalizes paths, there are no explicit sandboxing mechanisms to restrict the 'path' argument to a specific, safe directory (beyond the `.code-memory` data storage itself). This means an attacker who can manipulate the AI's prompts could potentially coerce the MCP server to read arbitrary files from the local file system (e.g., sensitive configurations, private keys, etc.) that the Node.js process has access to. This is a significant arbitrary file read vulnerability if the AI client is compromised or jailbroken. No `eval` or intentional obfuscation was found, and error handling is present, but the powerful file access is a critical risk.
Similar Servers
mcp-server-csdn
The server automatically publishes Markdown articles to the CSDN platform, acting as a tool called by a Spring AI agent.
MCPify
Exposes ASP.NET Core endpoints and OpenAPI specifications as Model Context Protocol (MCP) tools for AI assistants.
ancplua-mcp
Provides C#/.NET Model Context Protocol (MCP) servers to expose development tools for filesystem, Git, CI, Roslyn, and multi-AI orchestration workflows.
MCP_server
The MCP Server enables AI models to securely interact with local system resources through a defined protocol, offering granular control over file access, code execution, resource usage, and various communication transports.