mcp-gopls
Verified Safeby hloiseau
Overview
Provides a Model Context Protocol (MCP) server for AI assistants to interact with Go code via gopls, offering navigation, diagnostics, testing, coverage, and refactoring capabilities.
Installation
mcp-gopls --workspace /absolute/path/to/your/go/projectEnvironment Variables
- MCP_GOPLS_WORKSPACE
- MCP_GOPLS_GOPLS_PATH
- MCP_GOPLS_LOG_FILE
- MCP_GOPLS_LOG_LEVEL
- MCP_GOPLS_LOG_JSON
- MCP_GOPLS_RPC_TIMEOUT
- MCP_GOPLS_SHUTDOWN_TIMEOUT
Security Notes
The server's core function is to execute external Go tools (gopls, go test, go mod tidy, govulncheck) based on inputs from an AI client. This inherently involves running subprocesses with arguments derived from potentially untrusted AI input. The project mitigates direct shell injection by using `exec.Command` directly (not through a shell) and includes some path sanitization. It explicitly sets `GOTOOLCHAIN=local` for its child processes, which is good practice. The security largely depends on the trustworthiness of the AI client and the environment's `PATH` configuration. No obvious hardcoded secrets, 'eval' usage, or blatant malicious patterns were found, justifying its primary purpose as a developer tool.
Similar Servers
azure-devops-mcp
Provides a local Model Context Protocol (MCP) server that enables AI agents to interact with Azure DevOps, performing tasks such as managing work items, repositories, pipelines, test plans, wikis, and advanced security directly from a code editor.
cclsp
Integrate LLM-based coding agents with Language Server Protocol (LSP) servers to enable robust code navigation, symbol resolution, and refactoring across various programming languages.
mcp-devtools
A high-performance MCP server providing a unified interface to essential developer tools, featuring OAuth 2.0/2.1 authorization and a multi-layered security framework.
relace-mcp
Provides AI-powered code editing and intelligent codebase exploration using a Language Server Protocol (LSP) interface.