narsil-mcp
Verified Safeby postrv
Overview
AI-powered code analysis and understanding for developers and coding agents, providing semantic search, call graphs, security audits, and architectural insights.
Installation
narsil-mcp server --repo <path_to_repository> --index-path <path_for_index_files>Environment Variables
- GITHUB_TOKEN
- VOYAGE_API_KEY
- OPENAI_API_KEY
- NARSIL_CONFIG_PATH
- NARSIL_USER_CONFIG_PATH
- NARSIL_PROJECT_CONFIG_PATH
- NARSIL_NEURAL_BACKEND
- NARSIL_NEURAL_MODEL_PATH
- NARSIL_NEURAL_API_ENDPOINT
Security Notes
The project demonstrates a strong focus on security, with explicit modules for secret redaction, robust input validation (e.g., git arguments, regex patterns for ReDoS prevention, path traversal checks), and a default 'read_only' mode. It also includes comprehensive security scanning capabilities as core features, such as taint analysis, OWASP Top10, and CWE Top25 checks. No obvious critical vulnerabilities or malicious patterns were found in the provided source code snippets.
Similar Servers
codegraph-rust
Transforms codebases into a semantically searchable knowledge graph, enabling AI agents to reason about code relationships, architecture, and impact rather than just performing text-based searches.
CodeMCP
Provides deep code intelligence (symbol navigation, impact analysis, architecture maps, ownership, risk assessment) to AI assistants, CLI, and HTTP API.
treesitter-mcp
Provides a Model Context Protocol (MCP) server and CLI for static code analysis using Tree-sitter.
ultrascript-tools-mcp
An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.