Sourceplane MCP

Sourceplane MCP

Secure multi-source MCP server for reading local, GitHub, GitLab, Bitbucket, and network source code with read-only-by-default access, enabling AI assistants to inspect repositories safely.

Category
访问服务器

README

Sourceplane MCP

CI Coverage License Node MCP

Secure multi-source MCP server for local repositories, GitHub, GitLab, Bitbucket, and mounted network workspaces.

Sourceplane MCP provides a consistent Model Context Protocol interface for safely exposing source code and documentation to MCP-compatible AI clients such as Claude Desktop.

The platform is read-only by default, with optional local-only development write support.

It is designed specifically for source context and repository inspection — not platform automation.


Why Sourceplane MCP Exists

Modern engineering environments are fragmented across:

  • frontend repositories
  • backend services
  • infrastructure repositories
  • shared libraries
  • monorepos
  • local workspaces
  • mounted NAS shares
  • self-hosted Git providers
  • documentation repositories

AI assistants are significantly more useful when they can safely inspect source trees directly instead of relying on manual copy/paste.

Sourceplane MCP focuses on:

  • read-only-by-default access
  • explicit source allowlisting
  • filesystem safety
  • secure defaults
  • self-hosted provider support
  • local-first workflows
  • predictable behavior
  • low operational complexity
  • easy auditing

Supported Sources

Source Type Description Token Required
github GitHub repository via API Optional for public repos
gitlab GitLab project via API Optional for public projects
bitbucket Bitbucket Cloud or Data Center repository Optional for public repos
local Local workspace folder No
network Mounted NAS or network share No

Network sources are mounted filesystem paths such as:

/Volumes/Engineering/shared-platform
/mnt/shared/platform

They are not arbitrary internet URLs.


Current Capability Matrix

Capability GitHub GitLab Bitbucket Cloud Bitbucket Data Center Local Network
Public source without token Yes Yes Yes Usually internal only N/A N/A
Private source with token Yes Yes Yes Yes N/A N/A
Custom host Yes Yes Yes Yes N/A N/A
Custom webUrl Yes Yes Yes Yes N/A N/A
list_sources Yes Yes Yes Yes Yes Yes
read_file Yes Yes Yes Yes Yes Yes
read_files Yes Yes Yes Yes Yes Yes
list_files Yes Yes Yes Yes Yes Yes
get_source_structure Yes Yes Yes Yes Yes Yes
search_code API search API search / tree search Tree-based search Tree-based search Local scan Local scan
Branch override Yes Yes Yes Yes No No
Built-in blocklist Yes Yes Yes Yes Yes Yes
Source-specific blocklist Yes Yes Yes Yes Yes Yes
Write operations No No No No Optional local-only No

Available MCP Tools

Tool Description
list_sources List configured sources
read_file Read a single file
read_files Read multiple files
list_files List files in a directory
get_source_structure Get recursive source tree
search_code Search source code
write_file Write a UTF-8 text file to an explicitly writable local source

All tools use the same source-key model:

{
  "sourceKey": "platform-api",
  "path": "src/index.ts"
}

Installation

Requirements

  • Node.js 20+
  • npm

Optional:

  • Git provider tokens for private repositories

Clone Repository

git clone https://github.com/infraWS/sourceplane-mcp.git

cd sourceplane-mcp

Install Dependencies

npm install

Build

npm run build

Configuration

Copy the example configuration:

cp config/sources.example.yaml config/sources.yaml

config/sources.yaml is intentionally gitignored.


Example Configuration

server:
  name: sourceplane-mcp
  version: 1.0.0

defaults:
  owner: my-org
  defaultBranch: main

  maxFileSizeKb: 512
  maxFiles: 1000

  followSymlinks: false

  pathBlocklist:
    - .env
    - .env.*
    - secrets/
    - certificates/
    - private/
    - "*.pem"
    - "*.key"
    - "*.p12"
    - terraform.tfstate
    - terraform.tfstate.*
    - "*.tfvars"

sources:

  github-public:
    type: github
    owner: nodejs
    name: node

  github-private:
    type: github
    name: terraform-platform
    token: ${GITHUB_TOKEN}

  github-enterprise:
    type: github
    host: https://github.company.com/api/v3
    webUrl: https://github.company.com

    owner: platform
    name: terraform-platform

    token: ${GITHUB_ENTERPRISE_TOKEN}

  gitlab-public:
    type: gitlab
    projectId: gitlab-org/gitlab

  gitlab-private:
    type: gitlab
    projectId: platform/backend-api
    token: ${GITLAB_TOKEN}

  gitlab-self-managed:
    type: gitlab
    host: https://gitlab.company.com
    webUrl: https://gitlab.company.com

    projectId: platform/backend-api

    token: ${GITLAB_SELF_MANAGED_TOKEN}

  bitbucket-cloud:
    type: bitbucket
    workspace: engineering
    slug: frontend-app

    token: ${BITBUCKET_TOKEN}

  bitbucket-datacenter:
    type: bitbucket
    host: https://bitbucket.company.com/rest/api/1.0
    webUrl: https://bitbucket.company.com

    projectKey: PLATFORM
    slug: frontend-app

    token: ${BITBUCKET_DC_TOKEN}

  local-api:
    type: local
    path: ~/Projects/api-service

    write:
      enabled: false
      allowOverwrite: false
      createDirs: false

  shared-network:
    type: network
    path: /Volumes/Engineering/shared-platform

Local Development Write Support

Sourceplane MCP is read-only by default.

Local filesystem sources can explicitly opt into controlled write access for development workflows.

Write support is:

  • disabled by default
  • available only for local sources
  • not supported for Git providers
  • not supported for network sources
  • protected by the same path safety and blocklist rules as read operations

Supported operations:

  • UTF-8 text file writes
  • optional overwrites
  • optional parent directory creation

Unsupported operations:

  • file deletion
  • renames
  • shell execution
  • binary writes
  • permission modification

Example Writable Local Source

sources:

  local-dev:
    type: local
    path: ~/Projects/my-app

    write:
      enabled: true
      allowOverwrite: true
      createDirs: true

Example write_file

{
  "sourceKey": "local-dev",
  "path": "src/generated/example.ts",
  "content": "export const example = true;\n"
}

Security Model

Sourceplane MCP is intentionally restrictive.

It does not:

  • write files outside explicitly writable local sources
  • create commits
  • open pull requests
  • merge pull requests
  • execute shell commands
  • trigger CI/CD workflows
  • access arbitrary repositories
  • access arbitrary filesystem paths
  • expose provider secrets
  • modify repositories

Only explicitly configured sources are accessible.

Even when write support is enabled for local sources, writes remain constrained to the configured source root and continue to enforce:

  • traversal protection
  • blocklist enforcement
  • binary detection
  • path normalization
  • UTF-8 text-only writes

Built-in Security Protections

Path Validation

The server rejects:

  • parent traversal (../)
  • absolute paths (/etc/passwd)
  • double slashes (//)
  • Windows backslashes (\)
  • URL-encoded traversal attempts (%2e, %2f, %5c)
  • null-byte injection attempts

Built-in Blocklist

The server always applies an internal protection layer.

Examples include:

  • .git/
  • .wrangler/
  • node_modules/
  • .env
  • Terraform state files
  • SSH folders
  • certificates
  • private keys
  • generated artifacts

Blocklists are merged in this order:

DEFAULT_PATH_BLOCKLIST
→ defaults.pathBlocklist
→ source.pathBlocklist

Binary File Protection

The server refuses to read binary files using:

  • extension-based filtering
  • content-based binary detection

Filesystem Isolation

Local and network sources are constrained to their configured root path.

Example rejected request:

{
  "sourceKey": "local-api",
  "path": "../../.ssh/id_rsa"
}

Symlinks are disabled by default:

defaults:
  followSymlinks: false

Claude Desktop Setup

macOS Claude Desktop configuration path:

~/Library/Application Support/Claude/claude_desktop_config.json

Example:

{
  "mcpServers": {
    "sourceplane-mcp": {
      "command": "node",
      "args": [
        "/absolute/path/to/sourceplane-mcp/dist/index.js"
      ],
      "env": {
        "SOURCEPLANE_CONFIG": "/absolute/path/to/sourceplane-mcp/config/sources.yaml",
        "GITHUB_TOKEN": "github_pat_xxx",
        "GITLAB_TOKEN": "glpat_xxx",
        "BITBUCKET_TOKEN": "xxx"
      }
    }
  }
}

Restart Claude Desktop after updating the configuration.


Automated Testing

Sourceplane MCP includes automated tests covering:

  • traversal rejection
  • nested blocklist enforcement
  • filesystem isolation
  • sanitized error handling
  • binary detection
  • provider URL construction
  • GitLab provider behavior
  • Bitbucket Cloud behavior
  • Bitbucket Data Center behavior
  • local source scanning

Current coverage includes:

  • high coverage for security-critical logic
  • mocked provider API tests
  • CI validation on Node.js 20 and 22

Run tests:

npm run test
npm run coverage

Scripts

npm run dev
npm run build
npm run start
npm run clean
npm run test
npm run coverage

Design Principles

Sourceplane MCP favors:

  • explicit configuration
  • least privilege
  • read-only-by-default access
  • secure defaults
  • predictable behavior
  • local-first workflows
  • self-hosted provider support
  • easy auditing

It is intentionally narrower in scope than platform-automation MCP servers.


License

MIT License

推荐服务器

Baidu Map

Baidu Map

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

官方
精选
JavaScript
Playwright MCP Server

Playwright MCP Server

一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。

官方
精选
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。

官方
精选
本地
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。

官方
精选
本地
TypeScript
VeyraX

VeyraX

一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。

官方
精选
本地
Kagi MCP Server

Kagi MCP Server

一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方
精选
Python
graphlit-mcp-server

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。

官方
精选
TypeScript
Neon MCP Server

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方
精选
Exa MCP Server

Exa MCP Server

模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方
精选
mcp-server-qdrant

mcp-server-qdrant

这个仓库展示了如何为向量搜索引擎 Qdrant 创建一个 MCP (Managed Control Plane) 服务器的示例。

官方
精选