cov-loupe
Verified Safeby keithrbennett
Overview
Provides an MCP server, CLI, and Ruby library for analyzing SimpleCov test coverage data, primarily to enable AI assistants to query and report on codebase coverage.
Installation
cov-loupe --mode mcpEnvironment Variables
- COV_LOUPE_OPTS
Security Notes
The `validate` tool/command, utilizing `PredicateEvaluator`, executes arbitrary Ruby code via `instance_eval` from either a code string or a file. This is a significant security risk if untrusted input is provided to this specific tool/command, as it grants full system privileges. The source code and documentation explicitly highlight this danger. Other tools do not present such a direct code execution risk. No hardcoded secrets or apparent obfuscation were found. Network risks from the core MCP server are minimal as it uses stdio transport, but external commands executed by malicious predicates could pose network threats.
Similar Servers
codebadger
A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) technology.
Unified-MCP-Tool-Graph
The Unified MCP Tool Graph aggregates and structures tool APIs from diverse Model Context Protocol (MCP) servers into a centralized Neo4j graph database, enabling LLMs and agentic AI systems to dynamically retrieve the most relevant tools for any task.
X96Dbg-MCP-Server-Plugin
Provides a JSON-RPC bridge for x32dbg/x64dbg, allowing external automations to inspect and control a debugged process without direct UI interaction.
inspector-assessment
Provides a comprehensive automated assessment platform for Model Context Protocol (MCP) servers, analyzing their security, functionality, protocol compliance, documentation, and various extended metrics. It acts as an inspector and auditing tool for MCP server developers and maintainers.