mcp-atlas
Verified Safeby mpreziuso
Overview
An MCP server enabling AI assistants to interact with Ariga Atlas migration tools for database schema management.
Installation
npx -y @mpreziuso/mcp-atlasSecurity Notes
The server executes external 'atlas' CLI commands using `node:child_process.spawn` with `shell: true`. While a custom `escapeShellArg` function is used to escape arguments, relying on `shell: true` with custom escaping can be less secure than passing arguments as an array to `spawn` (without `shell: true`) or using a more robust, battle-tested library. This approach introduces a potential, albeit mitigated, risk of shell injection if the escaping mechanism were to be bypassed or contain a subtle flaw. No 'eval', obfuscation, or hardcoded secrets were found. Database connection URLs and other sensitive parameters are passed by the AI assistant as tool arguments, implying user control.
Similar Servers
context-portal
Manages structured project context for AI assistants and developer tools, enabling Retrieval Augmented Generation (RAG) and prompt caching within IDEs.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.
DatabaseMcpServer
Provides a robust and secure database access layer for AI assistants, supporting 19 types of databases with single-instance multi-database dynamic switching and over 50 tools for data and schema management.
photons
A comprehensive demonstration MCP server showcasing various functionalities of the Photon runtime, including basic data handling, streaming responses, progress reporting, in-memory state management, and interactive UI elements. It serves as a reference for developers building new photons.