codebase-agent-mcp-server
Verified Safeby e11hzn
Overview
The Codebase MCP Server acts as an AI expert to index, search, and analyze Git repositories, assisting developers in understanding, reviewing, and querying code with deep codebase context.
Installation
npm startEnvironment Variables
- TRANSPORT
- PORT
- OPENAI_API_KEY
- ANTHROPIC_API_KEY
Security Notes
The codebase leverages `simple-git` for Git operations, which typically handles command argument escaping to prevent injection vulnerabilities. Input validation is performed using Zod schemas. Regex patterns are constructed with an `escapeRegex` helper to prevent regex injection. File system operations are confined to a designated `/tmp/mcp-repos` directory, mitigating arbitrary file access. No hardcoded secrets or direct `eval` usage are present. The primary security consideration is the lack of built-in authentication/authorization for the MCP HTTP endpoint; if deployed publicly, it would require an external security layer to prevent unauthorized access.
Similar Servers
git-mcp-server
A Model Context Protocol (MCP) server that provides Git-specific tools and resources for AI/LLM agents to interact with version control systems.
tenets
Provides intelligent, token-optimized code context and automatically injects guiding principles to AI coding assistants for enhanced understanding and consistent interactions.
athena-protocol
An intelligent MCP server that acts as an AI tech lead for coding agents, providing expert validation, impact analysis, and strategic guidance before code changes are made.
ultrascript-tools-mcp
An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.