sigil-mcp-server
sigil-mcp-server is a Python Model Context Protocol (MCP) server that indexes local repositories and exposes code navigation/search tools (symbol lookup, trigram-based substring search, and optional semantic search via vector embeddings) along with health/admin endpoints.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security documentation mentions path traversal protection, OAuth 2.0 with PKCE, a localhost bypass, an API key fallback, and optional IP whitelisting. It also explicitly states that DNS rebinding protection and certain validations (host/header and content-type validation) are disabled for ChatGPT compatibility. OAuth token expiration is enforced (~1 hour), and OAuth credentials are stored with 0600 file permissions.
⚡ Reliability
Best When
You want an AI assistant connected through MCP to explore codebases on your own machine or a controlled network, with optional OAuth-based remote access and indexing that can be maintained over time.
Avoid When
You need a minimal/fully documented REST/OpenAPI service for third-party programmatic consumption (this is primarily an MCP server) or you cannot accept the stated tradeoffs in ChatGPT connector compatibility (DNS rebinding/header/content-type validation behavior).
Use Cases
- Index local source code for IDE-like symbol navigation and code search in an AI assistant
- Fast substring search across multiple repositories using trigram indexing
- Go-to-definition and symbol listing for functions/classes/methods/variables
- Semantic/natural-language code search using embeddings (e.g., local llama.cpp or other embedding providers)
- Operational management of indexing (rebuilds, stats, logs) via an admin API
- Provide an MCP tool surface to other systems that can connect via MCP + OAuth
Not For
- Publicly exposed, unauthenticated code search endpoints
- Environments that forbid disabling DNS rebinding protection and strict header/content-type validation for ChatGPT compatibility
- Use cases requiring strict multi-tenant data isolation without additional deployment controls
Interface
Authentication
Docs mention OAuth 2.0 with PKCE and token expiry (~1 hour) plus refresh support, and also mention a localhost bypass and API key / IP whitelist fallbacks.
Pricing
No hosted pricing indicated; appears self-hosted (AGPL/commercial licensing). Costs depend on indexing and embedding runtime (e.g., local models or paid providers like OpenAI if used).
Agent Metadata
Known Gotchas
- ⚠ ChatGPT compatibility notes indicate that some security validations are disabled (e.g., DNS rebinding protection and certain header/content-type validation), so agents should assume the server is tuned for ChatGPT connector behavior.
- ⚠ Indexing operations may be compute/storage heavy; agents should avoid repeatedly rebuilding indexes without first checking index stats/logs.
- ⚠ Embedding/vector indexing is optional but may require additional local services/models; agent workflows should branch accordingly.
Alternatives
Scores are editorial opinions as of 2026-04-04.