superdesign-mcp-server
by zjohnsonbox
Overview
An AI-powered agent for rapid UI/frontend design exploration and code generation within VS Code, offering tools for layout, theme, and component creation.
Installation
npx tsx ./src/index.tsEnvironment Variables
- AI_PROVIDER
- SECURITY_MODE
- WORKSPACE_ROOT
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
- OPENROUTER_API_KEY
- ANTHROPIC_BASE_URL
- SUPERDESIGN_MAX_VARIATIONS
- ENABLE_FILE_LOGGING
- ANTHROPIC_DEFAULT_SONNET_MODEL
- CLAUDE_CODE_PATH
- CLAUDE_CODE_MODEL_ID
- CLAUDE_CODE_THINKING_BUDGET
Security Notes
Critical security vulnerabilities found due to hardcoded API keys. Specifically, a Supabase 'anon' role API key is hardcoded in `src/extension.ts` for email submissions, and Helicone API keys (`sk-helicone-...`) are hardcoded in `src/services/customAgentService.ts` for proxying Anthropic and OpenAI requests. Hardcoding API keys exposes them to anyone with access to the code, leading to potential abuse, service disruption, or unauthorized access. While the `bash-tool` includes logic to prevent dangerous commands and restricts file operations to the workspace, the explicit use of `bash -c` still carries inherent risks, and regex-based tools (`grep-tool`, `glob-tool`) could be vulnerable to ReDoS attacks, though resource limits are in place.
Similar Servers
responsible-vibe-mcp
Manages conversation state and guides LLM coding agents through structured software development workflows with long-term project memory and multi-agent collaboration.
claude-code-buddy
An intelligent AI Agent orchestration system for Claude Code, focusing on smart task routing, prompt enhancement, project memory, workflow guidance, and planning, presented via a real-time terminal UI dashboard.
cldcde
A persistent context manager that scrapes, stores, searches, and analyzes AI conversations from various platforms (ChatGPT, Grok, Gemini, Claude) to support project development and insights.
codearchitect-mcp
Automatically saves and retrieves AI conversation sessions from IDEs (Cursor, VS Code) to provide context continuity and build a searchable knowledge base for developers.