ErgoAI-MCP-server
by iarwain1
Overview
Enables AI coding agents to interact with the ErgoAI reasoning engine for logic programming, query execution, and knowledge representation.
Installation
npx ergoai-mcp-serverEnvironment Variables
- ERGOAI_PATH
Security Notes
Critical shell injection vulnerability identified: The `run_ergo_query` tool directly uses user-provided `query` strings in a `spawn` command where `shell: true` is enabled for Windows (via `spawn` options). This allows malicious shell metacharacters (e.g., `&`, `|`, `&&`, `||`) within the query to execute arbitrary commands via `cmd.exe` on Windows systems. On Linux/macOS, direct command injection into `runergo` itself (if it supports such escapes within its '-e' argument) is also a concern. While `run_ergo_code` and `check_ergo_syntax` write code to temporary files, `run_ergo_file` directly uses `file_path` as an argument, which could still be vulnerable to shell injection depending on the path's content. The overall lack of input sanitization for user-provided query strings and file paths before executing external processes makes this server unsafe to run without modifications.
Similar Servers
klavis
Develop and deploy AI agents that interact with a wide array of web services (e.g., Gmail, YouTube, LinkedIn, Supabase, Salesforce, Kubernetes) through a standardized Model Context Protocol (MCP), often orchestrated by an intelligent routing layer like Strata.
cclsp
Integrate LLM-based coding agents with Language Server Protocol (LSP) servers to enable robust code navigation, symbol resolution, and refactoring across various programming languages.
mcpc
Build and compose agentic Model Context Protocol (MCP) servers and tools, enabling AI assistants to discover, integrate, and orchestrate other MCP servers for complex tasks.
agentx
A unified CLI tool for managing MCP (Model Context Protocol) servers and skills across multiple AI coding agents like Claude Code, Codex, Cursor, Gemini CLI, and OpenCode.