cog-mcp
by vitorcalvi
Overview
Provides AI assistants with semantic code search and code structure analysis using local Metal GPU acceleration on Apple Silicon.
Installation
npx ts-node dreams-mcp.tsSecurity Notes
The server uses `child_process.exec` to run Python scripts constructed from user input. While `query` and `text` inputs are partially escaped (single quotes), the `file_path` argument in the `get_file_structure` tool is directly interpolated into the Python script without proper escaping. This creates a critical path traversal vulnerability, allowing an attacker to potentially read arbitrary files on the system by providing a path like `../../../../etc/passwd`.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
CodeGraphContext
An AI pair programmer that provides real-time, accurate, context-aware assistance by indexing and analyzing codebases (local projects and dependencies) using a graph database, facilitating code understanding, writing, and refactoring across multiple programming languages.
apple-rag-mcp
Provides a comprehensive RAG (Retrieval-Augmented Generation) server for AI agents to search and retrieve content from Apple's developer documentation and WWDC transcripts.
codebase-RAG
A Retrieval-Augmented Generation (RAG) server designed to assist AI agents and developers in understanding and navigating codebases through semantic search.