vibecheck
Verified Safeby kfreiman
Overview
A server for intelligent analysis of CVs and job descriptions, facilitating recruitment by assessing document fit and generating interview questions.
Installation
docker compose up -dEnvironment Variables
- VIBECHECK_STORAGE_PATH
- VIBECHECK_STORAGE_TTL
- VIBECHECK_PORT
- LOG_FORMAT
- LOG_LEVEL
- OLLAMA_HOST
Security Notes
The project demonstrates a strong awareness of common security risks, with explicit checks for path traversal ('..') and null bytes ('\x00') in file paths. Document processing for PDFs uses `go-pdfium` (WebAssembly), providing a sandboxed environment. HTML processing uses a headless Playwright browser and `go-readability` to extract content, which isolates rendering from the main application logic and attempts to remove boilerplate. No obvious hardcoded secrets or malicious patterns were found in the provided code. The reliance on distroless base images and structured error handling, as stated in the README, further enhances security posture. The system is described as a 'portfolio/demo project,' implying it may not be fully battle-hardened for all real-world attack vectors, but the explicit measures taken are robust.
Similar Servers
mcp-devtools
A high-performance MCP server providing a unified interface to essential developer tools, featuring OAuth 2.0/2.1 authorization and a multi-layered security framework.
kafka-mcp-server
Enables LLM models and AI applications to interact with Apache Kafka for producing/consuming messages, managing topics, monitoring consumer groups, and assessing cluster health via the Model Context Protocol (MCP).
mcp-factcheck
The MCP Fact-Check MCP Server validates content against the Model Context Protocol (MCP) specification using AI-powered semantic search to ensure technical accuracy and prevent misinformation.
jobsearch-mcp-server
This server provides AI-powered job search assistance by fetching job listings and matching them against a user's resume.