athena-protocol
by n0zer0d4y
Overview
This server acts as an AI tech lead, providing expert validation, impact analysis, and strategic guidance to AI coding agents before code changes are made.
Installation
npx @n0zer0d4y/athena-protocol
Environment Variables
- PROVIDER_SELECTION_PRIORITY
- DEFAULT_LLM_PROVIDER
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
- GOOGLE_API_KEY
- GROQ_API_KEY
- XAI_API_KEY
- OPENROUTER_API_KEY
- PERPLEXITY_API_KEY
- MISTRAL_API_KEY
- OLLAMA_API_KEY
- ZAI_API_KEY
- AZURE_API_KEY
- BEDROCK_API_KEY
- VERTEX_API_KEY
- OPENAI_MODEL_DEFAULT
- ANTHROPIC_MODEL_DEFAULT
- GOOGLE_MODEL_DEFAULT
- LLM_TEMPERATURE_DEFAULT
- LLM_MAX_TOKENS_DEFAULT
- LLM_TIMEOUT_DEFAULT
- OPENAI_MAX_COMPLETION_TOKENS_DEFAULT
- OPENAI_VERBOSITY_DEFAULT
- OPENAI_REASONING_EFFORT_DEFAULT
- NODE_ENV
- DEBUG
- CONFIG_UNIFIED
- TOOL_CALLING_READ_FILE_ENABLED
- TOOL_CALLING_WRITE_TO_FILE_ENABLED
- TOOL_CALLING_REPLACE_IN_FILE_ENABLED
- TOOL_CALLING_EXECUTE_COMMAND_ENABLED
- TOOL_CALLING_MAX_FILE_SIZE_KB
- TOOL_CALLING_MAX_EXECUTION_TIME_SEC
- TOOL_CALLING_ALLOWED_FILE_EXTENSIONS
- TOOL_CALLING_ALLOWED_COMMANDS
Security Notes
The `executeShellTool` (used by `ToolCallingService`) passes commands directly to `child_process.exec`, which runs them through a shell. Command execution is enabled by default (`TOOL_CALLING_EXECUTE_COMMAND_ENABLED` is `true`) and is limited by an `allowedCommands` whitelist, but the `command.startsWith()` check is insufficient to prevent shell injection (e.g., `ls -l; rm -rf /`). This presents a critical security risk. Additionally, `globTool` and `grepTool` use user-provided patterns to construct regular expressions, which can be vulnerable to Regular Expression Denial of Service (ReDoS) if not properly sanitized. The `writeFile` and `editFile` tools are disabled by default, which mitigates file writing risks, but they can be enabled via configuration.
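The prefix-check weakness described above, next to a stricter check, as an added example that is not athena-protocol's own code. The function names, the allowlist entries and the sample inputs are assumptions made for illustration; only the `startsWith` behaviour and the `ls -l; rm -rf /` string come from the notes.

```javascript
// Added example; names below are hypothetical, not athena-protocol's code.
const ALLOWED = ["ls", "git status", "node --version"]; // constructed allowlist

// Prefix check as described in the Security Notes: passes anything that
// merely begins with an allowed string.
function isAllowedNaive(command, allowed = ALLOWED) {
  return allowed.some((prefix) => command.startsWith(prefix));
}

// Characters the shell interprets (separators, pipes, substitution,
// redirection, quoting, globbing, newlines). Any of them => reject.
const SHELL_META = /[;&|`$(){}<>\\'"*?!~#\[\]\n\r]/;

// Stricter check: parse into argv, match the leading tokens exactly against
// an allowlist entry, and return { file, args } for child_process.execFile,
// which runs the binary directly with no shell to interpret the string.
function parseAllowed(command, allowed = ALLOWED) {
  if (typeof command !== "string" || SHELL_META.test(command)) return null;
  const argv = command.trim().split(/\s+/).filter(Boolean);
  if (argv.length === 0) return null;
  for (const entry of allowed) {
    const want = entry.split(" ");
    const matches = want.every((tok, i) => argv[i] === tok);
    if (matches) return { file: argv[0], args: argv.slice(1) };
  }
  return null;
}

// Constructed inputs; the second is the string quoted in the Security Notes.
function demo() {
  const samples = ["ls -l", "ls -l; rm -rf /", "lsof -i", "git status"];
  return samples.map((c) => ({
    command: c,
    naive: isAllowedNaive(c),
    strict: parseAllowed(c) !== null,
  }));
}
console.log(demo());
```

Exact token matching only constrains which binary runs; arguments that follow an allowed entry are still passed through, so per-command argument rules would be a further restriction.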
Similar Servers
cclsp
MCP server to integrate LLM-based coding agents with Language Server Protocol (LSP) servers for robust symbol resolution and code navigation.
In-Memoria
Provides persistent intelligence infrastructure (semantic concepts, patterns, architecture) for AI agents to understand and interact with codebases.
doc-bot
An intelligent MCP server designed to enhance AI coding assistants by providing project-specific documentation and API references through smart search, contextual rules, and live updates.
mcp-ai-agent-guidelines
A comprehensive framework for building, orchestrating, and validating AI agents and their design processes, with a strong focus on code quality, security, and prompt engineering.