codeguide-mcp
Verified Safeby delian
Overview
An MCP server that provides coding guides and best practices to AI assistants, designed to extend or replace `AGENTS.md` files.
Installation
docker run -i codeguide-mcpEnvironment Variables
- GUIDES_GITHUB_REPO
- GUIDES_GITHUB_PATH
- GUIDES_GITHUB_BRANCH
- GUIDES_CACHE_DIR
- GUIDES_DIR
- GUIDES_LOG_LEVEL
Security Notes
The server includes basic path traversal prevention for requested guide names (e.g., disallowing '/' and '..'). It performs network requests using `httpx` to the GitHub API, which mitigates generic SSRF risks by hardcoding the domain. Content fetched from GitHub is base64 decoded. There are no clear indications of `eval` or other dynamic code execution patterns. Configuration values, including GitHub repository details, are read from `config.toml` or environment variables, preventing hardcoded secrets. Potential risks include serving malicious Markdown content (client-side rendering vulnerability) or if the GitHub repository configuration could be manipulated to a malicious source within GitHub's ecosystem, but these are outside the direct control of the server's code logic.
Similar Servers
octocode
An intelligent code indexer and semantic search engine that builds knowledge graphs of codebases, providing AI-powered assistance for development tasks like natural language search, smart commits, and code reviews, with local-first and multi-language support.
mcp-server-csdn
The server automatically publishes Markdown articles to the CSDN platform, acting as a tool called by a Spring AI agent.
sumup-mcp
Provides a Model Context Protocol (MCP) server to enable natural language interactions with SumUp APIs via large language models (LLMs).
ancplua-mcp
Provides C#/.NET Model Context Protocol (MCP) servers to expose development tools for filesystem, Git, CI, Roslyn, and multi-AI orchestration workflows.