athena-protocol
Verified Safeby n0zer0d4y
Overview
An intelligent MCP server that acts as an AI tech lead for coding agents, providing expert validation, impact analysis, and strategic guidance before code changes are made.
Installation
npx @n0zer0d4y/athena-protocolEnvironment Variables
- DEFAULT_LLM_PROVIDER
- PROVIDER_SELECTION_PRIORITY
- <PROVIDER_NAME>_API_KEY
- <PROVIDER_NAME>_MODEL
- <PROVIDER_NAME>_TEMPERATURE
- <PROVIDER_NAME>_MAX_TOKENS
- <PROVIDER_NAME>_TIMEOUT
- LLM_TEMPERATURE_DEFAULT
- LLM_MAX_TOKENS_DEFAULT
- LLM_TIMEOUT_DEFAULT
- OPENAI_MAX_COMPLETION_TOKENS_DEFAULT
- OPENAI_VERBOSITY_DEFAULT
- OPENAI_REASONING_EFFORT_DEFAULT
- TOOL_CALLING_READ_FILE_ENABLED
- TOOL_CALLING_SEARCH_FILES_ENABLED
- TOOL_CALLING_LIST_FILES_ENABLED
- TOOL_CALLING_WRITE_TO_FILE_ENABLED
- TOOL_CALLING_REPLACE_IN_FILE_ENABLED
- TOOL_CALLING_EXECUTE_COMMAND_ENABLED
- TOOL_CALLING_MAX_FILE_SIZE_KB
- TOOL_CALLING_MAX_EXECUTION_TIME_SEC
- TOOL_CALLING_ALLOWED_FILE_EXTENSIONS
- TOOL_CALLING_ALLOWED_COMMANDS
- TOOL_TIMEOUT_THINKING_VALIDATION_MS
- TOOL_TIMEOUT_IMPACT_ANALYSIS_MS
- TOOL_TIMEOUT_ASSUMPTION_CHECKER_MS
- TOOL_TIMEOUT_DEPENDENCY_MAPPER_MS
- TOOL_TIMEOUT_THINKING_OPTIMIZER_MS
- NODE_ENV
- DEBUG
- CONFIG_UNIFIED
- CONNECTION_POOL_ENABLED
- CONNECTION_POOL_MAX_CONNECTIONS
- CONNECTION_POOL_KEEP_ALIVE
- CLIENT_CACHE_ENABLED
- CLIENT_CACHE_TTL
- CLIENT_MAX_CACHE_SIZE
- ENV_CACHE_TTL
- MEMORY_MAX_SHORT_TERM_ENTRIES
- MEMORY_MAX_PERSISTENT_ENTRIES
- MEMORY_COMPRESSION_THRESHOLD
- MEMORY_RELEVANCE_THRESHOLD
- LOG_ENABLED
- LOG_LEVEL
- LOG_PATH
Security Notes
The server enables execution of shell commands (`executeShell`) and Git operations (`gitOperation`) via internal tools. While `executeShell` is safeguarded by a strict whitelist (`TOOL_CALLING_ALLOWED_COMMANDS`) and explicit `enabled` flag (default true), `gitOperation` does not appear to have the same whitelist validation applied directly within the `ToolCallingService` before execution. File writing (`writeFile`) and editing (`editFile`) are disabled by default (`TOOL_CALLING_WRITE_TO_FILE_ENABLED=false`, `TOOL_CALLING_REPLACE_IN_FILE_ENABLED=false`), which is a critical security measure. The `README.md` explicitly warns about the 'CRITICAL RISK' of `executeCommand` and encourages careful whitelisting. No hardcoded sensitive secrets are present in the core server, with API keys managed through environment variables. The test project's intentional flaws (e.g., multiple JWT secrets) are confined to test infrastructure and not the MCP server itself.
Similar Servers
cclsp
Integrate LLM-based coding agents with Language Server Protocol (LSP) servers to enable robust code navigation, symbol resolution, and refactoring across various programming languages.
In-Memoria
Provides persistent intelligence infrastructure for AI agents, enabling them to understand codebases, detect patterns, predict coding approaches, and generate context-aware insights.
tenets
Provides intelligent, token-optimized code context and automatically injects guiding principles to AI coding assistants for enhanced understanding and consistent interactions.
ultrascript-tools-mcp
An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.