mcp-constraint-monitor
Verified Safeby fwornle
Overview
A real-time constraint enforcement and monitoring system designed to integrate with AI coding agents (like Claude Code) to prevent policy violations and ensure code quality and security before execution. It provides a dashboard for visualization and management of constraints and violations.
Installation
node src/server.jsEnvironment Variables
- GROK_API_KEY
- ANTHROPIC_API_KEY
- GOOGLE_API_KEY
- CODING_REPO
- CONSTRAINT_API_PORT
- CONSTRAINT_DASHBOARD_PORT
- QDRANT_HOST
- QDRANT_PORT
- ANALYTICS_DB_PATH
- CONSTRAINT_MONITOR_CONFIG
- CLAUDE_SESSION_ID
- CLAUDE_CODE_HOOK
Security Notes
The server's primary function is to enhance security by enforcing coding constraints (e.g., detecting hardcoded secrets, 'eval()' usage). It uses 'execSync' internally for loading configurations and health checks, which, while controlled by internal paths, could be a vector if external inputs were to influence the commands. The dashboard API is exposed with CORS for all origins, which is appropriate for local development but a significant risk if publicly exposed. Logging is carefully configured to avoid stdout when running as an MCP server or hook, preventing RPC stream corruption.
Similar Servers
mcpick
Manages MCP server configurations for Claude Code to optimize context usage and performance by enabling/disabling servers, creating backups, and using profiles.
spec-oxide
A simple and lightweight Micro-Container Platform (MCP) designed for spec-driven development workflows.
cldcde
A persistent context manager that scrapes, stores, searches, and analyzes AI conversations from various platforms (ChatGPT, Grok, Gemini, Claude) to support project development and insights.
mcp-devtools-server
This MCP server standardizes development tool patterns and provides AI-powered integrations to enable Claude Code to generate code more efficiently, reduce errors, and improve autocorrection for various programming languages and workflows.