claude-mermaid
Verified Safeby veelenga
Overview
Provides an MCP server for rendering Mermaid diagrams in a coding environment with live reload and saving capabilities.
Installation
claude-mermaidEnvironment Variables
- CLAUDE_MERMAID_LOG_LEVEL
Security Notes
The server implements strong input validation for preview IDs and save paths using regex and checks against system directories, mitigating path traversal and injection risks. HTML content rendered for previews is also escaped to prevent XSS. The use of `npx @mermaid-js/mermaid-cli` for rendering, while involving `child_process.execFile`, is done with carefully constructed arguments and temporary files in isolated directories, reducing command injection surfaces. Live server runs on localhost with a Content Security Policy (CSP) header further limiting potential attack vectors.
Similar Servers
spec-workflow-mcp
A Model Context Protocol (MCP) server designed to facilitate structured, specification-driven software development with real-time monitoring through a web dashboard and a VSCode extension.
mcp-mermaid
Generate Mermaid diagrams and charts dynamically using AI models, supporting various output formats and styling options.
cclsp
MCP server to integrate LLM-based coding agents with Language Server Protocol (LSP) servers for robust symbol resolution and code navigation.
memory-graph
Provides intelligent, persistent graph-based memory capabilities for AI assistants and coding agents in Claude Code environments.