agents
Verified Safeby j-shelfwood
Overview
Orchestrates multiple autonomous GitHub Copilot CLI agents in parallel for complex development tasks, supervised by Claude Code through an MCP server.
Installation
node mcp-servers/agent/index.jsEnvironment Variables
- AGENT_BIN_PATH
- AGENT_HOME
- AGENT_SYSTEM_INSTRUCTIONS_PATH
- COPILOT_BIN
- XDG_CONFIG_HOME
- XDG_DATA_HOME
Security Notes
The server primarily relies on spawning external shell commands (`agent`) to interact with the underlying system and Copilot CLI. It uses `child_process.spawn` with an array of arguments, which is generally safer against shell injection than `exec` for user-provided inputs. A `validateSessionName` function adds a layer of protection against malicious session names. The `AGENT_CMD` path is configurable via `AGENT_BIN_PATH`, which, if set to a malicious executable by a user, could pose a risk, but this is an environmental configuration concern rather than a direct code vulnerability. The `execAsync` is used for non-user-input commands like `list` and `health_check`. Overall, the use of safer `spawn` with argument arrays for critical, user-input-driven operations significantly enhances security.
Similar Servers
claude-code-subagents-collection
Provides a command-line interface to browse, install, manage, and verify Claude Code subagents, commands, and external MCP (Model Context Protocol) servers, facilitating local and project-level configuration for development workflows.
claude-codex-settings
This repository provides a toolkit and configurations for integrating Model Context Protocol (MCP) servers into Claude Code plugins, enabling AI agents to interact with external services, local tools, and APIs within an AI-assisted development environment.
tmux-mcp
Enables AI assistants to interact with, control, and observe tmux terminal sessions.
consult-llm-mcp
Facilitates Claude Code to consult powerful external AI models for complex code analysis, debugging, and review tasks.