aibolit-mcp-server
by cqfn
Overview
Provides static code analysis feedback (most critical design issue) to AI agents for Java code refactoring via the Model Context Protocol (MCP).
Installation
npx aibolit-mcp-server@0.0.6Security Notes
The server uses `execSync` to run `aibolit` (a Python tool). The `path` variable, which is a user-provided argument from the AI agent, is directly interpolated into the shell command string (e.g., `python3 -m aibolit check --full --filenames ${path}`). This creates a command injection vulnerability, allowing an attacker to execute arbitrary shell commands by crafting a malicious file path.
Similar Servers
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
tiger-memory-mcp-server
A backend server for a Minecraft-related application, likely providing data management or proxy services.
mcp-server
This server integrates Kontent.ai content management with AI tools, allowing natural language operations to create, manage, and explore structured content.
mcp-server-koyeb
A TypeScript/Node.js backend server application, likely intended for deployment on a serverless platform like Koyeb.