OpenCodeHub MCP Server

27 tools. 2 can modify or destroy data without limits.

2 write tools that can modify data. Rate limits recommended.

Last updated:

2 can modify or destroy data
25 read-only
27 tools total

Community server · catalogue entry verified 02/07/2026

How to control OpenCodeHub MCP Server ↓

What OpenCodeHub MCP Server exposes to your agents

Read (25) Write / Execute (2) Destructive / Financial (0)
High Risk

The most dangerous OpenCodeHub MCP Server tools

2 of OpenCodeHub MCP Server's 27 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control OpenCodeHub MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and OpenCodeHub MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "group_sync": {
    "limits": [
      {
        "counter": "group_sync_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "api_impact": {
    "limits": [
      {
        "counter": "api_impact_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register OpenCodeHub MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON OPENCODEHUB →

Instant setup, no code required.

All 27 OpenCodeHub MCP Server tools

READ 25 tools
Read api_impact Score the blast radius of changing a Route Read change_pack Deterministic, diff-scoped context pack for a git range: the impacted upstream subgraph (retained, not collaps Read context Resolve a symbol to its graph node and return categorised incoming/outgoing edges (calls, imports, accesses, h Read dependencies Enumerate external package dependencies of the indexed repo, sourced from lockfiles and manifests (package-loc Read detect_changes Parse the repo Read group_contracts Two-part surface for cross-repo contract discovery. (1) Match unresolved FETCHES edges (consumer) against Rout Read group_cross_repo_links Emit the sourced, alpha-sorted cross-repo link graph for a named group. Loads the persisted ContractRegistry f Read group_list Enumerate every cross-repo group defined under ~/.codehub/groups. Groups bundle already-indexed repos so an ag Read group_query Run BM25 against every repo in a named group and fuse the per-repo rankings with Reciprocal Rank Fusion (RRF, Read group_status Report per-repo index freshness for every repo in a named group. Returns node/edge counts, last-indexed timest Read impact Walk the graph from a target symbol and group dependents by traversal depth. Depth-1 nodes will definitely bre Read license_audit Classify every Dependency node by license risk: copyleft (GPL/AGPL/SSPL/EUPL/CPAL/OSL/RPL), proprietary, unkno Read list_dead_code Classify every callable / type in the indexed graph as live, dead, or unreachable-export and return the non-li Read list_findings Enumerate static-analysis findings stored as Finding nodes, filtered by severity, scanner, rule id, or file pa Read list_findings_delta Diff the latest scan ( Read list_repos Enumerate every repo that has been indexed by codehub on this machine. Returns name, on-disk path, last-seen c Read owners Enumerate the ranked set of Contributors linked to a node via OWNED_BY edges. Source is git blame; emails are Read pack_codebase Produce a snapshot of a registered repo. The default Read project_profile Returns the detected project profile: languages, frameworks (flat + structured), IaC types, API contracts, man Read risk_trends Classify each community Read route_map Enumerate Route nodes filtered by url substring and/or method. For each route returns the static responseKeys Read shape_check For each Route matching the filter, walk ACCESSES edges from the consumer files that FETCH this route and comp Read signature Return a class/interface declaration plus its method and property signatures with bodies elided (stub syntax p Read tool_map Enumerate Tool nodes detected by the tools ingestion phase, optionally filtered by name substring. Returns nam Read verdict Composite diff verdict: auto_merge | single_review | dual_review | expert_review | block. Aggregates blast rad

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about OpenCodeHub MCP Server

How do I prevent bulk modifications through OpenCodeHub MCP Server? +

The OpenCodeHub MCP Server server has 1 write tools including group_sync. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach OpenCodeHub MCP Server.

How many tools does the OpenCodeHub MCP Server MCP server expose? +

27 tools across 3 categories: Execute, Read, Write. 25 are read-only. 2 can modify, create, or delete data.

How do I enforce a policy on OpenCodeHub MCP Server? +

Register the OpenCodeHub MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every OpenCodeHub MCP Server tool call.

Deterministic rules across all 27 OpenCodeHub MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

27 OpenCodeHub MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.