coherence-mcp
by toolate28
Overview
Serves as an MCP server providing coherence validation, governance primitives, decision tracking, and documentation search for the SpiralSafe ecosystem, primarily designed for AI agent interaction.
Installation
npx @hopeandsauced/coherence-mcpEnvironment Variables
- ATOM_AUTH_TOKEN
- SPIRALSAFE_API_TOKEN
Security Notes
The server, as implemented, explicitly lacks built-in authentication, rate limiting, and audit logging, despite documentation claiming these features. This makes it highly vulnerable if exposed directly. There is a potential for path traversal in the 'context_pack' tool via user-supplied document paths and for command injection in gate transitions if 'context' parameters can be crafted to execute shell commands. TypeScript's strict mode is disabled, increasing the risk of runtime errors and vulnerabilities. While it references external security practices in `SECURITY.md`, the core server itself does not enforce them.
Similar Servers
mcp-servers
A curated collection of Model Context Protocol (MCP) server configurations to integrate various developer tools and services with AI agents.
copilot-security-instructions
This MCP server provides a toolkit to guide GitHub Copilot toward secure coding practices by offering customizable security-focused prompts and agents for integration into development workflows.
tenets
Provides intelligent, token-optimized code context and automatically injects guiding principles to AI coding assistants for enhanced understanding and consistent interactions.
athena-protocol
An intelligent MCP server that acts as an AI tech lead for coding agents, providing expert validation, impact analysis, and strategic guidance before code changes are made.