tda
by irockel
Overview
Headless analysis of Java thread dumps for diagnosing performance issues, deadlocks, and virtual thread problems, primarily for integration with AI agents or automated pipelines.
Installation
java -Djava.awt.headless=true -jar path/to/tda.jar --mcpEnvironment Variables
- BROWSER
Security Notes
The `parse_log` tool accepts an arbitrary file path, which could lead to unauthorized local file reading if the input is not strictly validated (e.g., preventing directory traversal). The `Browser.open` utility, used for opening external links (e.g., from welcome page or help dialogs), uses `Runtime.getRuntime().exec` to launch an external browser, which introduces a command injection risk if the URL argument can be manipulated to execute arbitrary commands, especially if the `BROWSER` environment variable is hijacked or misconfigured. This server is intended for local process communication, but the lack of input sanitization for file paths and external command execution makes it vulnerable if the AI agent is compromised or given malicious instructions.
Similar Servers
sonarqube-mcp-server
The SonarQube MCP Server enables seamless integration with SonarQube Server or Cloud for code quality and security, supporting analysis of code snippets and acting as a backend for AI coding agents.
jadx-mcp-server
Facilitates live, LLM-driven reverse engineering and vulnerability analysis of Android APKs by integrating JADX with the Model Context Protocol.
mcpcat-typescript-sdk
This SDK integrates analytics and telemetry capabilities into existing Model Context Protocol (MCP) servers, capturing user intentions, tool usage, and error patterns.
easy-code-reader
Provides a Model Context Protocol (MCP) server for AI assistants to intelligently read Java source code from local projects and Maven dependencies, supporting decompilation and multi-module analysis.