lsmcp
Verified Safeby depoll
Overview
Provides AI models with semantic code understanding and refactoring capabilities via Language Server Protocol (LSP) integration.
Installation
docker run --rm -i -v "$(pwd):$(pwd)" -w "$(pwd)" lsmcp:latestEnvironment Variables
- LOG_LEVEL
- NODE_ENV
Security Notes
The project emphasizes a 'container-first architecture' with Docker, providing good isolation. It uses `child_process.spawn` with `shell: false` and includes input sanitization functions (`escapeRegExp`, `escapeShell`, `validateFilePath`, `sanitizeFileURI`) to prevent command injection and path traversal. Filesystem modifications are performed through `src/utils/file-operations.ts` which relies on URIs being safe. The `executeCommand` tool allows executing LSP server commands, which could be a vector if the underlying LSP server exposes dangerous commands, but this is a function of LSP itself. Overall, good security practices are evident.
Similar Servers
mcp-language-server
Proxies a Language Server Protocol (LSP) server to provide semantic code intelligence tools to Model Context Protocol (MCP) clients, enabling LLMs to interact with codebases.
chunkhound
Transforms codebases into searchable knowledge bases for AI assistants using semantic search and regex search, with deep research capabilities for code and files.
cclsp
MCP server to integrate LLM-based coding agents with Language Server Protocol (LSP) servers for robust symbol resolution and code navigation.
codeweaver
CodeWeaver is an AI-first MCP server designed to provide 'exquisite context' for AI agents by offering semantic code search and code analysis capabilities.