sub-agents-mcp
Verified Safe
by shinpr
Overview
Provides a Model Context Protocol (MCP) server to enable Claude Code–style sub-agent workflows in any MCP-compatible tool, executing agents via various AI CLI backends.
Installation
npx -y sub-agents-mcp
Environment Variables
- AGENTS_DIR
- AGENT_TYPE
Security Notes
The server employs robust input validation for agent names, prompts, current working directory (CWD), and extra arguments, preventing path traversal and command injection attempts. It uses `child_process.spawn` with `shell: false` for external CLI execution, which is a strong defense against shell injection. Session management file paths are also carefully validated and secured with restrictive file permissions. The primary security consideration for users lies in the trustworthiness and potential vulnerabilities (e.g., command injection via their own prompt arguments or network access) of the underlying AI CLI tools (Cursor, Claude, Gemini, Codex) that this server orchestrates, as these are external to this codebase. No `eval` or obvious hardcoded secrets were found.
Similar Servers
rmcp
Perform sophisticated statistical analysis, econometrics, machine learning, and time series tasks using natural language conversations with AI assistants, demonstrating capabilities through a web interface.
company-docs-mcp
Transforms organizational documentation into an AI-powered knowledge base for semantic search, Q&A via chat interface, Claude Desktop, and Slack integration.
karma
A modern, dark-themed chat interface demonstrating the Karma Memory system for AI agents, enabling context-aware conversations and dynamic switching of memory retrieval and caching strategies.
fastmcp
Build fast, declarative, and type-safe servers implementing the Model Context Protocol (MCP) in Dart.