mcp
Verified Safeby supermodeltools
Overview
Provides AI agents with deep codebase analysis by generating comprehensive code graphs from local repositories via the Supermodel API, enabling understanding of code structure, dependencies, and relationships.
Installation
npx @supermodeltools/mcp-serverEnvironment Variables
- SUPERMODEL_API_KEY
- SUPERMODEL_BASE_URL
Security Notes
The server demonstrates good security practices by explicitly externalizing API keys via environment variables and including robust file exclusion patterns (like .gitignore and a list of sensitive files/directories) during repository zipping, which prevents accidental leakage of credentials or processing of irrelevant/large files. Temporary ZIP files are also managed with cleanup. The use of `child_process.execSync` is present for retrieving git metadata, which is typically a security concern, but its application is limited to benign git commands within a validated directory, mitigating the immediate risk. The core code analysis is performed by an external API, shifting some security considerations to that service.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
code-index-mcp
Intelligent code indexing and analysis for Large Language Models, enabling tasks such as code review, refactoring, documentation generation, debugging assistance, and architectural analysis.
CodeGraphContext
This MCP Server acts as an expert AI pair programmer's backend, providing real-time, accurate code analysis, indexing, and relationship information from a local codebase to assist with understanding, writing, and refactoring code.
codegraph-rust
Transforms codebases into a semantically searchable knowledge graph, enabling AI agents to reason about code relationships, architecture, and impact rather than just performing text-based searches.