context-mcp
mcp
Basarisiz
Health Gecti
- License — License: Apache-2.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 25 GitHub stars
Code Basarisiz
- fs module — File system access in .github/workflows/release-cli.yml
- rm -rf — Recursive force deletion command in deployments/dodopayments/cloudflare-worker/src/index.ts
- network request — Outbound network request in deployments/dodopayments/cloudflare-worker/src/index.ts
- execSync — Synchronous shell command execution in packages/cli/src/commands/init.ts
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This tool is a self-hosted server that indexes documentation into a searchable knowledge base using Pinecone and OpenAI, serving the data to AI assistants via the Model Context Protocol (MCP) and REST APIs.
Security Assessment
The overall risk is rated as Medium. The scan identified a few notable code behaviors that require attention:
* Shell execution: The CLI uses `execSync` in its initialization command, which could be a vector for code injection if user inputs are not properly sanitized.
* Dangerous file operations: A recursive force deletion command (`rm -rf`) is present within the specific deployment folder, which is typical for cleanup scripts but can be risky if misconfigured.
* Network requests: Outbound network requests were detected in the deployment code. Given the tool's reliance on third-party APIs, this is expected, but you should be aware that your documentation and API keys (OpenAI, Pinecone) will be sent over the network.
No hardcoded secrets or dangerous broad permissions were found.
Quality Assessment
The project appears to be in good health and actively maintained, with its most recent push occurring today. It uses the permissive and standard Apache-2.0 license, making it safe for commercial and private use. Community trust is currently in the early growth stage, indicated by a modest 25 GitHub stars. The repository is well-documented, features a clear setup process, and provides a transparent structure.
Verdict
Use with caution — the tool is actively maintained and licensed appropriately, but developers should review the shell execution and network behaviors before integrating it into sensitive environments.
This tool is a self-hosted server that indexes documentation into a searchable knowledge base using Pinecone and OpenAI, serving the data to AI assistants via the Model Context Protocol (MCP) and REST APIs.
Security Assessment
The overall risk is rated as Medium. The scan identified a few notable code behaviors that require attention:
* Shell execution: The CLI uses `execSync` in its initialization command, which could be a vector for code injection if user inputs are not properly sanitized.
* Dangerous file operations: A recursive force deletion command (`rm -rf`) is present within the specific deployment folder, which is typical for cleanup scripts but can be risky if misconfigured.
* Network requests: Outbound network requests were detected in the deployment code. Given the tool's reliance on third-party APIs, this is expected, but you should be aware that your documentation and API keys (OpenAI, Pinecone) will be sent over the network.
No hardcoded secrets or dangerous broad permissions were found.
Quality Assessment
The project appears to be in good health and actively maintained, with its most recent push occurring today. It uses the permissive and standard Apache-2.0 license, making it safe for commercial and private use. Community trust is currently in the early growth stage, indicated by a modest 25 GitHub stars. The repository is well-documented, features a clear setup process, and provides a transparent structure.
Verdict
Use with caution — the tool is actively maintained and licensed appropriately, but developers should review the shell execution and network behaviors before integrating it into sensitive environments.
Self-hosted MCP server for your documentation
README.md
ContextMCP
Self-hosted MCP server for your documentation. Index your documentation from across the sources and serve it via the Model Context Protocol (MCP) and REST API.
Quick Start
# Scaffold a new project
npx contextmcp init my-docs-mcp
# Follow the prompts, then:
cd my-docs-mcp
npm install
# Configure your API keys
cp .env.example .env
# Edit .env with your PINECONE_API_KEY and OPENAI_API_KEY
# Configure your documentation sources
# Edit config.yaml
# Index your documentation
npm run reindex
# Edit the cloudflare-worker
# Deploy the MCP server
cd cloudflare-worker
npm install
npm run deploy
What is ContextMCP?
ContextMCP creates a searchable knowledge base from your documentation that AI assistants can query via the Model Context Protocol (MCP).
Supported Content Types
| Parser | Content Types | Examples |
|---|---|---|
mdx |
MDX/JSX documentation | Mintlify, Fumadocs, Docusaurus |
markdown |
Plain Markdown files | READMEs, CHANGELOGs |
openapi |
OpenAPI/Swagger specs | API reference docs |
How It Works
- Parse - Extract content from your docs, APIs, and READMEs
- Chunk - Split into semantic chunks optimized for search
- Embed - Generate embeddings using OpenAI
- Store - Upload to Pinecone vector database
- Search - Query via MCP from AI assistants
Repository Structure
contextmcp/
├── packages/
│ ├── cli/ # npx contextmcp (npm package)
│ ├── template/ # Project template (scaffolded to users)
│ └── website/ # contextmcp.ai documentation site
└── deployments/
└── dodopayments/ # Dodo Payments specific deployment
Packages
| Package | Description | Published |
|---|---|---|
packages/cli |
CLI scaffolding tool | ✅ npm: contextmcp |
packages/template |
Project template | (copied by CLI) |
packages/website |
Documentation site | (deployed to Vercel) |
Development
Prerequisites
- Node.js 18+
Setup
# Install all dependencies
npm install
# Development
npm run dev:website # Run website locally
npm run dev:cli # Watch CLI for changes
# Build
npm run build:website # Build website
npm run build:cli # Build CLI
# Type checking
npm run typecheck # Check all packages
Documentation
Visit contextmcp.ai/docs for full documentation.
Contributing
We welcome contributions! Please see CONTRIBUTING.md for guidelines on how to contribute to this project.
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi