Ajay Krishnan
c905cf86c8
Three local MCP servers for coding agents, designed for Claude Code and OpenCode: - context-web-search: SearXNG-backed web search and URL fetch - context-docs: semantic search over curated llms.txt docs - context-repomix: pack local or remote repos into AI context Defaults are local-first: SearXNG binds to 127.0.0.1, no hosted API keys are required, and Repomix mounts only the current project read-only.
36 lines
1.1 KiB
Markdown
36 lines
1.1 KiB
Markdown
# Security
|
|
|
|
Context Kit is designed to be safe by default for local development.
|
|
|
|
## Defaults
|
|
|
|
- SearXNG is bound to `127.0.0.1` only.
|
|
- No hosted API keys are required.
|
|
- Repomix mounts only the current project read-only.
|
|
- Docs indexing stores data under `$HOME/.local/share/context-kit` unless you
|
|
override it.
|
|
- No code-editing MCP server is enabled by default.
|
|
|
|
## Fetched Web Content
|
|
|
|
Search results and fetched pages are untrusted input. A page can contain prompt
|
|
injection instructions. Assistants should summarize and cite fetched content, not
|
|
obey instructions embedded in it.
|
|
|
|
## Docs Indexing
|
|
|
|
Only index sources you trust enough to retrieve into an agent conversation. More
|
|
sources are not always better. Large or noisy docs can make retrieval slower and
|
|
less precise.
|
|
|
|
## Code-Editing MCP Servers
|
|
|
|
Context Kit's default MCP servers either read remote content or mount the
|
|
current project read-only. If you add code-editing MCP servers later, review
|
|
their mount paths and permissions separately.
|
|
|
|
## Public Exposure
|
|
|
|
Do not expose SearXNG or MCP servers to the public internet without a separate
|
|
review. The default setup is for localhost development.
|