agent-group-mcp

v0.4.3 safe
3.0
Low Risk

Local MCP server + CLI letting multiple MCP clients (Claude Code, OpenCode, Gemini CLI, …) exchange messages over a shared SQLite bus with audit logging.

🤖 AI Analysis

Final verdict: SAFE

The package shows minimal risk indicators with no network calls, no signs of obfuscation or credential harvesting, and legitimate use of shell execution. The main concern is the low metadata score due to limited community engagement and a single package from the maintainer.

  • Shell execution risk noted but deemed legitimate
  • Low community engagement and single package from maintainer
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package relies on network communications.
  • Shell: Shell execution is present but appears to be used for legitimate purposes like running scripts and commands, though it could potentially be exploited.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package and the repository lacks community engagement.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • -8") try: proc = subprocess.Popen( cmd, shell=True, env=en
  • .update(env_extra) return subprocess.run( [sys.executable, "-m", "agent_bus.cli", *args],
  • l -f in background proc = subprocess.Popen( [sys.executable, "-m", "agent_bus.cli", "tail", "-f
  • cmd, shell=True, env=env, stdin=subprocess.PIPE,
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Zoltan Nagy" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-group-mcp 
Create a collaborative coding environment called 'CollabCode' using the Python package 'agent-group-mcp'. This application should allow multiple developers to work on the same codebase simultaneously, facilitating real-time collaboration and communication. Here’s a step-by-step guide on how to implement this project:

1. **Setup Local MCP Server**: Use 'agent-group-mcp' to set up a local MCP server that acts as a central hub for communication between different coding environments and tools. Ensure this server supports multiple clients like Claude Code, OpenCode, and Gemini CLI.

2. **Real-Time Collaboration**: Implement real-time editing capabilities where changes made by one developer are instantly reflected across all connected clients. This feature should support version control to track changes and revert if necessary.

3. **Message Exchange**: Enable developers to send messages and notifications to each other through the shared SQLite bus provided by 'agent-group-mcp'. These messages should include updates about code changes, requests for reviews, or general discussions.

4. **Audit Logging**: Utilize the audit logging feature of 'agent-group-mcp' to keep a record of all interactions and changes made within the codebase. This will help in debugging issues and understanding the development process over time.

5. **User Authentication & Permissions**: Integrate user authentication to ensure only authorized developers can access and modify the codebase. Different levels of permissions (read-only, read-write) should be supported based on user roles.

6. **Integration with Version Control Systems**: Allow seamless integration with popular version control systems such as Git to manage commits, branches, and pull requests directly from within 'CollabCode'.

7. **Customizable User Interface**: Develop a user-friendly interface that allows developers to easily navigate the codebase, view messages, and manage their permissions. The UI should be responsive and accessible from both desktop and mobile devices.

By following these steps, you'll create a powerful tool for collaborative coding that leverages the unique capabilities of 'agent-group-mcp' to enhance teamwork and productivity.