Is Agentic Developer Mcp safe to use?

Agentic Developer Mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "@openai/codex". Review the Security section above for details before installing.

How do I install Agentic Developer Mcp?

Agentic Developer Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Agentic Developer Mcp do?

Agentic Developer Mcp provides 2 tools: run_codex, clone_and_write_prompt. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Agentic Developer Mcp?

Agentic Developer Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Agentic Developer Mcp actively maintained?

Agentic Developer Mcp is less actively maintained — last commit was 324 days ago. It has 46 GitHub stars.

Agentic Developer Mcp

Name: Agentic Developer Mcp
Author: teabranch

@openai/codex · by teabranch

An MCP server that scales development into controllable agentic, recursive flows, and build a feature from bottom-up

46 12.8M/wk 2 tools GitHub npm

1 open CVE

MIT license

Stale

Last commit 324d ago

Works with most clients

Transport: stdio, sse, http

2 tools · ~321 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Developer Tools AI / ML

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "agentic-developer-mcp": {
      "args": [
        "-y",
        "@openai/codex"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/agentic-developer-mcp)](https://mcppedia.org/s/agentic-developer-mcp)

Read me

What Agentic Developer Mcp does

This project wraps OpenAI's Codex CLI as an MCP (Model Context Protocol) server, making it accessible through the TeaBranch/open-responses-server middleware. This engine may be replaced with OpenCode or Amazon Strands

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 open1 fixed

CVE-2025-61260lowCVSS 3.1

OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads project-local .env and .codex/config.toml files without requiring user confirmation, allowing attackers to embed arbitrary commands that execute immediately.

Affected: >= 0source →

CVE-2025-59532medium · fixedCVSS 4

Codex has sandbox bypass due to bug in path configuration logic

Due to a bug in the sandbox configuration logic, Codex CLI could treat a model-generated `cwd` as the sandbox’s writable root, including paths outside of the folder where the user started their session. This logic bypassed the intended workspace boundary and enables arbitrary file writes and command execution where the Codex process has permissions - this did not impact the network-disabled sandbox restriction. **Remediation** We released a patch in Codex CLI **0.39.0** that canonicalizes and

Affected: >= 0.2.0Fixed in 0.39.0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~321 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Agentic Developer Mcp safe to use?: Agentic Developer Mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "@openai/codex". Review the Security section above for details before installing.
How do I install Agentic Developer Mcp?: Agentic Developer Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Agentic Developer Mcp do?: Agentic Developer Mcp provides 2 tools: run_codex, clone_and_write_prompt. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Agentic Developer Mcp?: Agentic Developer Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Agentic Developer Mcp actively maintained?: Agentic Developer Mcp is less actively maintained — last commit was 324 days ago. It has 46 GitHub stars.

Similar servers

Others in developer-tools / ai-ml

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

85.9k 5

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.7k 1

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Agentic Developer Mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Developer Tools AI / ML

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "agentic-developer-mcp": {
      "args": [
        "-y",
        "@openai/codex"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/agentic-developer-mcp)](https://mcppedia.org/s/agentic-developer-mcp)

Read me

What Agentic Developer Mcp does

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

README

Agentic Developer MCP

This project wraps OpenAI's Codex CLI as an MCP (Model Context Protocol) server, making it accessible through the TeaBranch/open-responses-server middleware.
This engine may be replaced with OpenCode or Amazon Strands

Requirements

Node 22 (nvm install 22.15.1 | nvm use 22.15.1) required for Codex

Overview

The setup consists of three main components:

Codex CLI: OpenAI's command-line interface for interacting with Codex.
MCP Wrapper Server: A Node.js Express server that forwards MCP requests to Codex CLI and formats responses as MCP.
open-responses-server: A middleware service that provides Responses API compatibility and MCP support.

Installation

Using Docker (Recommended)

# Clone this repository
git clone https://github.com/yourusername/codex-mcp-wrapper.git
cd codex-mcp-wrapper

# Start the services
./start.sh

This will start:

Codex MCP wrapper on port 8080
open-responses-server on port 3000

Manual Installation

# Install dependencies
npm install

# Install Codex CLI globally
npm install -g @openai/codex

# Start the MCP server
node mcp-server.js
# Install the package in development mode
pip install -e .

Usage

You can run the MCP server using either stdio or SSE transport:

# Using stdio (default)
python -m mcp_server

# Using SSE on a specific port
python -m mcp_server --transport sse --port 8000

Tool Documentation

run_codex

Clones a repository, checks out a specific branch (optional), navigates to a specific folder (optional), and runs Codex with the given request.

Parameters

repository (required): Git repository URL
branch (optional): Git branch to checkout
folder (optional): Folder within the repository to focus on
request (required): Codex request/prompt to run

Example

{
  "repository": "https://github.com/username/repo.git",
  "branch": "main",
  "folder": "src",
  "request": "Analyze this code and suggest improvements"
}

clone_and_write_prompt

Clones a repository, reads the system prompt from .agent/system.md, parses modelId from .agent/agent.json, writes the request to a .prompt file, and invokes the Codex CLI with the extracted model.

Parameters

repository (required): Git repository URL
request (required): Prompt text to run through Codex
folder (optional, default /): Subfolder within the repository to operate in

Example

{
  "repository": "https://github.com/username/repo.git",
  "folder": "src",
  "request": "Analyze this code and suggest improvements"
}

MCPS Configuration

Place a mcps.json file under the .agent/ directory to register available MCP tools. Codex will load this configuration automatically.

Example .agent/mcps.json:

{
  "mcpServers": {
    "agentic-developer-mcp": {
      "url": "..."
    }
  }
}

Development

This project uses the MCP Python SDK to implement an MCP server. The primary implementation is in mcp_server/server.py.

License

MIT

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 open1 fixed

CVE-2025-61260lowCVSS 3.1

OpenAI Codex CLI enables code execution through malicious MCP (Model Context Protocol) configuration files

Affected: >= 0source →

CVE-2025-59532medium · fixedCVSS 4

Codex has sandbox bypass due to bug in path configuration logic

Affected: >= 0.2.0Fixed in 0.39.0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~321 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Agentic Developer Mcp safe to use?: Agentic Developer Mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "@openai/codex". Review the Security section above for details before installing.
How do I install Agentic Developer Mcp?: Agentic Developer Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Agentic Developer Mcp do?: Agentic Developer Mcp provides 2 tools: run_codex, clone_and_write_prompt. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Agentic Developer Mcp?: Agentic Developer Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Agentic Developer Mcp actively maintained?: Agentic Developer Mcp is less actively maintained — last commit was 324 days ago. It has 46 GitHub stars.