74
/ 100
28 days ago
glama

codeviewer-mcp

A stateful, AST-aware MCP server for structured code review workflows. It enables iterative review sessions with AST-based context localization and provides structured feedback with verdicts and patch suggestions for JavaScript/TypeScript code.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
⚠️
Tests do not pass
Either the test suite is broken or the code regressed. Either way the published behaviour can’t be verified by the publisher’s own tests.
9 tools verified — handlers match their declared behaviour
5 read-only tools verified — handlers contain no write/delete/exec
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: MCP_AUTH_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configLOG_LEVELLog level (trace, debug, info, warn, error) info
🔐 secretMCP_AUTH_TOKENOptional bearer token for shared environments. If set, every tool call must include auth_token. unset
configMCP_CLEANUP_ON_STARTUPCleanup expired sessions on process start (true or false) false
configMCP_DEFAULT_PROMPT_PROFILEDefault prompt profile ID used when register_plan omits prompt_profile Latest universal-auditor-general-v profile if present, else first profile
configMCP_PROJECT_PATHProject root for AST indexing and path containment checks Current working directory
configMCP_PROMPTS_DIRDirectory containing .md prompt profiles <server_root>/prompts
configMCP_REVIEWER_DB_PATHSQLite database path <MCP_PROJECT_PATH>/.codeviewer-mcp.sqlite
configMCP_SESSION_TTL_HOURSSession TTL in hours, positive integer only 168
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/master0ffate-codeviewer-mcp-limk2n)](https://m8ven.ai/mcp/master0ffate-codeviewer-mcp-limk2n)
commit: db821055caa7d6428b69e2a89b6fc2e9942db9bf
code hash: 74b10a93b6c4b9e5b6595e5725bc08b6a4f8c8bb400c07e463b79633ac595af4
verified: 6/17/2026, 11:57:58 AM
view raw JSON →