tinystruct-mcp
Verified Safeby tinystruct
Overview
This server provides a JSON-RPC interface for Git, GitHub API, and file system operations, intended for integration into DevOps, automation, and AI-driven workflows.
Installation
bin/dispatcher start --import org.tinystruct.system.HttpServer --import org.tinystruct.mcp.GitHub --import org.tinystruct.mcp.FileSystem --server-port 777Security Notes
The server exposes powerful file system operations (read, write, delete, copy, move, mkdir) and Git commands (clone, pull, push) via JSON-RPC. These operations directly use user-provided paths without visible internal path validation or sandboxing beyond standard Java Path handling. If the server is exposed to untrusted users or runs with elevated file system permissions, it presents a critical risk, allowing arbitrary file manipulation or deletion on the host system. GitHub API calls require a personal access token, which, if compromised, grants full control over the specified repository. While JGit is used for Git operations (mitigating direct command injection risks), the overall design requires robust external authentication, authorization, and process sandboxing for safe deployment in any non-trusted environment.
Similar Servers
dev-kit-mcp-server
A Model Context Protocol (MCP) server for agent development tools, enabling secure, scoped operations within a root project directory.
docker-mcp-server
Provides a containerized Model Context Protocol (MCP) server for AI agents to securely execute shell commands and perform file operations via HTTP with bearer token authentication, supporting aggregation of child MCP servers.
git-mcp-server
Automates conventional Git commits, changelog updates, and optional pushes, primarily for AI assistants to generate commit messages based on code changes.
code-buddy
An AI-powered coding companion that functions as a Model Context Protocol (MCP) server, providing AI assistants with extensive file system and development tools.