dep-context-mcp
Verified Safeby jarecsni
Overview
Provides AI coding assistants with API context about project dependencies by reading directly from node_modules, enabling semantic search and local-first operations.
Installation
node dist/index.jsEnvironment Variables
- DEPCONTEXT_CONFIG
- DEPCONTEXT_CACHE_DIR
- OPENAI_API_KEY
- GITLAB_TOKEN
Security Notes
The server prioritizes a 'local-first' architecture, reading directly from `node_modules` without external network calls for core functionality. Optional features like vector search (with OpenAI) or GitLab source enrichment are clearly documented as requiring external network access and environment variables for sensitive API keys/tokens. The use of `cross-spawn` (via `@modelcontextprotocol/sdk`) is present, but it's for managing dependencies (e.g., potentially triggering `npm install` for internal tasks) which is an expected capability for such a server. No `eval` or obvious malicious patterns are present in the provided source code. User input is not directly passed to shell commands without sanitization in the analyzed code.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
context-engine
Provides an agent-agnostic local context engine via Model Context Protocol (MCP) for coding agents, enabling semantic search, planning, code review, and prompt enhancement with AI integration.
CodeMCP
Provides deep code intelligence (symbol navigation, impact analysis, architecture maps, ownership, risk assessment) to AI assistants, CLI, and HTTP API.
sourcegraph-mcp
Provides AI-enhanced code search and content fetching capabilities from Sourcegraph instances to LLM agents.