lgtmcp
Verified Safe
Overview
An MCP server that performs AI-powered code reviews using Google Gemini 2.5 Pro, returning detailed feedback or committing automatically if the change is approved.
Installation
lgtmcp
Environment Variables
- XDG_CONFIG_HOME
- GOOGLE_APPLICATION_CREDENTIALS
Security Notes
The server demonstrates strong security practices for file access. The `handleFileRetrieval` function (used by Gemini for context) explicitly prevents path traversal (e.g., `../`), resolves symlinks to ensure they stay within the repository, and, critically, uses `git check-ignore` to block access to gitignored files (like `.env`, `secrets.txt`). Integrated Gitleaks proactively scans diffs for secrets. API keys are handled via configuration (not hardcoded) and validated. No `eval` or obfuscation patterns are present.
Similar Servers
gemini-mcp-tool
A Model Context Protocol (MCP) server that enables AI assistants to interact with the Google Gemini CLI for comprehensive code and file analysis, structured edit suggestions, and creative brainstorming.
claude-power-pack
Provides AI-powered code review and analysis using Google Gemini, offering detailed feedback, root cause analysis, and security considerations across multi-turn sessions.
ai-changelog-generator
The AI Changelog Generator MCP Server analyzes git commits and working directory changes using AI models to generate comprehensive changelogs and repository insights.
ultrascript-tools-mcp
A smart assistant that analyzes codebases, understands component relationships, and answers natural language questions using AI, focusing on tasks like code search, refactoring, impact analysis, and merge conflict resolution.