Skillget

asynkor

mcp
Security Audit
Fail
Health Pass
  • License — License: Apache-2.0
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 26 GitHub stars
Code Fail
  • os.homedir — User home directory access in client/src/cli.ts
  • process.env — Environment variable access in client/src/cli.ts
  • network request — Outbound network request in client/src/cli.ts
  • os.homedir — User home directory access in client/src/config.ts
  • process.env — Environment variable access in client/src/config.ts
  • process.env — Environment variable access in client/src/proxy.ts
  • network request — Outbound network request in client/src/proxy.ts
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool provides a centralized MCP server that uses file leasing to prevent merge conflicts when multiple AI agents or developers edit the same codebase simultaneously.

Security Assessment
Overall Risk: Medium. The tool routinely accesses the user's home directory and reads environment variables, which is typical for applications managing local configurations and session states. However, the scan identified outbound network requests in the client code. Given its architecture (which relies on Redis locks and centralizing file snapshots), these requests are likely necessary for server communication. While no dangerous shell executions or hardcoded secrets were found, the inherent requirement to transmit file contents over the network means developers should ensure they connect exclusively to trusted or self-hosted servers to prevent data leakage.

Quality Assessment
The project appears healthy and actively maintained, with repository updates pushed as recently as today. It is properly licensed under Apache-2.0, making it safe for commercial and open-source use. Community trust is currently low but growing, represented by 26 GitHub stars.

Verdict
Use with caution. The underlying code is safe and well-licensed, but you must secure the networking layer to protect your proprietary file snapshots during transmission.
SUMMARY

File leasing for AI agent teams. One MCP server. Any IDE. Zero merge conflicts.

README.md

Asynkor

File leasing for AI agent teams.
One MCP server. Any IDE. Zero merge conflicts.

npm License Stars Discord

Documentation | Website | Quickstart | Self-hosting

The problem

Your team runs multiple AI agents in parallel — Claude Code, Cursor, Windsurf, Codex — across different machines. They rewrite each other's files, duplicate each other's work, and forget what the team decided yesterday.

Git catches conflicts at merge time. Asynkor prevents them at edit time.

How it works

Agents connect to one shared MCP server. When an agent starts work, it leases the files it plans to touch. Other agents see the lease and wait. When the first agent finishes, it releases the lease and uploads a snapshot of the file content. The next agent gets the snapshot, writes it locally, and edits on top — no git pull needed, no merge conflicts.

Agent A                          Asynkor                          Agent B
  │                                │                                │
  ├─ asynkor_start(paths=[api.ts]) │                                │
  │  ◄── lease acquired ──────────►│                                │
  │                                │◄── asynkor_start(paths=[api.ts])
  │                                │──► BLOCKED: api.ts leased      │
  │  ... editing api.ts ...        │                                │
  │                                │     ... works on other files ..│
  ├─ asynkor_finish(snapshots)     │                                │
  │  ◄── leases released ────────►│                                │
  │                                │◄── asynkor_lease_wait(api.ts)  │
  │                                │──► acquired + file snapshot    │
  │                                │     writes snapshot to disk    │
  │                                │     edits on top of A's work   │
  │                                │                                │
  │         Both commit. Zero conflicts.                            │

Features

  • File leasing — atomic Redis locks with 5-minute TTL. One agent edits a file at a time. Others wait automatically.
  • Cross-machine file sync — file content flows through the server. Two devs on separate laptops, zero merge conflicts.
  • Parking and handoffs — save work mid-session. Another agent resumes exactly where you left off via handoff_id.
  • Overlap detection — path-level and plan-text similarity. Catches conflicts before work begins, not at merge time.
  • Compounding team memory — architectural decisions, gotchas, conventions captured by agents and inherited by every future session.
  • Protected zones — mark sensitive code areas as warn, confirm, or block. Agents get guardrails automatically.
  • Live dashboard — real-time view of active agents, file leases, parked work, conflicts, and activity.
  • Any IDE — standard MCP protocol. Works with Claude Code, Cursor, Windsurf, VS Code, JetBrains, Zed, Codex CLI, and anything that supports MCP.

Quickstart

Two commands. Works with any MCP-compatible agent.

# 1. Initialize in your project (prompts for API key)
npx @asynkor/mcp init

# 2. Register the MCP server with your agent (Claude Code example)
claude mcp add asynkor -- npx @asynkor/mcp start

Restart your editor. From the next session, every agent on the team shares one brain.

Other IDEs

Add to your agent's MCP config:

{
  "mcpServers": {
    "asynkor": {
      "command": "npx",
      "args": ["-y", "@asynkor/mcp", "start"],
      "env": { "ASYNKOR_API_KEY": "your_key_here" }
    }
  }
}

Works with Cursor, Windsurf, VS Code (Copilot), JetBrains, Zed, Codex CLI, and any MCP-compatible agent.

MCP Tools

Tool Purpose
asynkor_briefing Get team state: active work, leases, parked sessions, memory, follow-ups
asynkor_start Declare work + acquire file leases
asynkor_check Check rules, zones, leases for specific paths
asynkor_remember Save knowledge to the team brain
asynkor_finish Complete work, release leases, upload file snapshots
asynkor_park Pause work for another agent to resume
asynkor_lease_acquire Lease additional files mid-work
asynkor_lease_wait Wait for blocked files (25s, retryable)
asynkor_cancel Clean up stale/orphaned work

Architecture

Agents (Claude Code, Cursor, Windsurf, Codex)
        │
        │  stdio (MCP protocol)
        ▼
┌─────────────────────────────────┐
│  @asynkor/mcp (TypeScript)      │  ← npm package, runs locally
│  Local MCP proxy                │
└────────────────┬────────────────┘
                 │  HTTP + SSE
                 ▼
        ┌───────────────────┐
        │  asynkor-mcp (Go) │  ← this repo
        │  Coordination     │
        └──┬─────┬─────┬────┘
           │     │     │
        Redis  NATS  HTTP → Backend API
        (leases, (pub/sub)  (auth, teams,
         work,              persistence)
         sync)

Go MCP Server — real-time coordination: file leasing (atomic Lua scripts), work tracking, overlap detection, team memory distribution, file snapshot sync.

TypeScript Client — local proxy that bridges stdio (what IDEs speak) to HTTP+SSE (what the server speaks). Installed per-developer via npm.

Redis — the coordination spine. Leases, active work, sessions, file snapshots. All operations use atomic Lua scripts to prevent race conditions.

Self-hosting

Run the full stack with Docker Compose:

git clone https://github.com/asynkor-com/asynkor.git
cd asynkor
cp .env.example .env  # edit with your values
docker compose up -d

Services: Go MCP server, Redis, NATS. The server is stateless — Redis holds all coordination state.

See self-hosting docs for production deployment with TLS, backups, and monitoring.

Documentation

Full docs at asynkor.com/docs:

Community

Contributing

See CONTRIBUTING.md for development setup and guidelines.

License

Apache 2.0

Reviews (0)

No results found