{"id":5655,"library":"mcp-server-git","title":"Model Context Protocol Git Server","description":"mcp-server-git is a Model Context Protocol (MCP) server designed to enable Large Language Models (LLMs) and AI agents to interact with Git repositories programmatically. It provides tools for reading, searching, and manipulating Git repositories. As of version 2026.1.14, it is actively developed, though still in early stages, with frequent updates often addressing security and functionality enhancements.","status":"active","version":"2026.1.14","language":"en","source_language":"en","source_url":"https://github.com/modelcontextprotocol/servers/tree/main/src/git","tags":["AI","LLM","MCP","Git","server","model context protocol","automation"],"install":[{"cmd":"pip install mcp-server-git","lang":"bash","label":"Install from PyPI"},{"cmd":"uvx mcp-server-git","lang":"bash","label":"Run directly with uvx (if uvx is installed)"}],"dependencies":[{"reason":"Command-line interface toolkit","package":"click","optional":false},{"reason":"Data validation and settings management","package":"pydantic","optional":false},{"reason":"Core Model Context Protocol SDK","package":"mcp","optional":false},{"reason":"Python library for Git interaction","package":"gitpython","optional":false}],"imports":[{"note":"Users typically run 'mcp-server-git' as a command-line tool or through an MCP host configuration, rather than importing classes from it for direct Python application logic.","symbol":"mcp-server-git","correct":"The library is primarily a server process, not intended for direct programmatic import by end-user applications for its core functionality. It is run as a standalone service."}],"quickstart":{"code":"# Start the mcp-server-git in a Git repository context\n# (Replace /path/to/your/git/repo with an actual Git repository path)\ncd /path/to/your/git/repo\nmcp-server-git\n\n# Example MCP client configuration (e.g., for VS Code .vscode/mcp.json or user mcp.json)\n# This tells an MCP-compatible client how to connect to the server.\n# Note: The 'command' path might need to be absolute depending on your environment.\n{\n  \"servers\": {\n    \"git\": {\n      \"command\": \"mcp-server-git\",\n      \"args\": [],\n      \"env\": {\n        \"GIT_DEFAULT_PATH\": \"${input:git_repo_path}\"\n      }\n    }\n  },\n  \"inputs\": [\n    {\n      \"type\": \"promptString\",\n      \"id\": \"git_repo_path\",\n      \"description\": \"Path to Git Repository\",\n      \"default\": \"/path/to/your/git/repo\"\n    }\n  ]\n}","lang":"bash","description":"To use `mcp-server-git`, install it and then run it as a server process, typically from within a Git repository you wish to expose. MCP clients (like VS Code or Claude Desktop) are then configured to connect to this running server. The example above shows how to run the server from the command line and a typical JSON configuration snippet for an MCP client to establish the connection and provide a repository context."},"warnings":[{"fix":"Upgrade to version 2025.9.25 or later. Do not rely on `mcp-server-git` to initialize new repositories; create them separately.","message":"The `git_init` tool was removed due to a path traversal vulnerability. The server is now intended to operate exclusively on *existing* Git repositories, not to initialize new ones at arbitrary filesystem locations.","severity":"breaking","affected_versions":"<2025.9.25"},{"fix":"Upgrade to version 2025.12.18 or later. The fix adds validation to reject flag-like arguments and ensures arguments resolve to valid Git refs.","message":"Argument injection vulnerabilities were present in `git_diff` and `git_checkout` functions, allowing user-controlled arguments to be interpreted as CLI options, potentially leading to arbitrary file overwrites.","severity":"breaking","affected_versions":"<2025.12.18"},{"fix":"Upgrade to version 2026.1.14 or later. This version includes boundary checks to prevent `git_add` from staging files outside the repository's working tree.","message":"Path traversal vulnerability in `git_add` allowed staging files outside the designated repository boundaries using relative paths (e.g., `../`). This could enable exfiltration of sensitive files via subsequent Git operations.","severity":"gotcha","affected_versions":"<2026.1.14"},{"fix":"Upgrade to version 2025.12.18 or later. The fix adds path validation to ensure all operations are restricted to the configured repository path.","message":"Missing path validation when the server was started with the `--repository` flag. This allowed tool calls to operate on repositories outside the explicitly configured path.","severity":"gotcha","affected_versions":"<2025.12.18"},{"fix":"Anticipate potential API changes and breaking updates. Regularly review release notes and test against new versions.","message":"The library is explicitly stated to be in 'early development', meaning functionality and available tools are subject to frequent change and expansion.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-11T00:00:00.000Z","next_check":"2026-07-10T00:00:00.000Z"}