Back to MCP Trust Indexm8ven
74
grade C
10 days ago
glama

Code Review MCP Server

Connects LLMs to GitHub and GitLab to analyze pull and merge requests for logic, security, and architectural alignment. It provides tools for fetching diffs, file contents, and project metadata, alongside guided prompts for professional code reviews.

danielefavi/mcp-server-code-review· listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
⚠️
Known vulnerabilities in dependencies: 1 high
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
🔐
You'll be asked for 2 credentials: GITHUB_TOKEN, GITLAB_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configCODE_REVIEW_GUIDELINESInline custom code review guidelines text. Optional (Custom Rules)
configCODE_REVIEW_GUIDELINES_FILEPath to a file containing custom code review guidelines. Optional (Custom Rules)
🔐 secretGITHUB_TOKENYour GitHub Personal Access Token. GitHub
🔐 secretGITLAB_TOKENYour GitLab Personal Access Token. GitLab
configGITLAB_URLGitLab instance URL (default: https://gitlab.com). GitLab (Self-Managed)
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 4 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/danielefavi-mcp-server-code-review-1yraoo)](https://m8ven.ai/mcp/danielefavi-mcp-server-code-review-1yraoo)
commit: 3282b7d983b974650c66297854882427d6fc1913
code hash: ab95d5ed8f84274a650dea45963f5cd4a0db06c38d850ca72a5a296e85b42ada
verified: 4/11/2026, 2:45:10 PM
view raw JSON →