Is MermAId safe to use?

MermAId has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.

How do I install MermAId?

MermAId supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

MermAId provides 2 tools: get_diagram, set_diagram. See the full tools list on the server page for descriptions and parameters.

What AI clients work with MermAId?

MermAId is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is MermAId actively maintained?

MermAId is recently maintained — last commit was 71 days ago. It has 11 GitHub stars.

MermAId

Name: MermAId
Author: mozi-app

esbuild · by mozi-app

AI-agent-focused Mermaid editor for planning, with built-in MCP server and CLI tool

11 234.0M/wk 2 tools GitHub npm

No known CVEs

Apache-2.0 license

Maintained

Last commit 71d ago

Works with most clients

Transport: stdio, sse

2 tools · ~109 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mermaid-editor": {
      "args": [
        "--mcp"
      ],
      "command": "/path/to/mermaid-editor"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mermaid)](https://mcppedia.org/s/mermaid)

Read me

What MermAId does

AI-agent-focused Mermaid editor for planning, with built-in MCP server and CLI tool

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'esbuild' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

88/100across 5 weighted dimensions

How we score →

0255075100

−12

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

GHSA-67mh-4wv8-2f99low · fixedCVSS 3.1

esbuild enables any website to send any requests to the development server and read the response

### Summary esbuild allows any websites to send any request to the development server and read the response due to default CORS settings. ### Details esbuild sets `Access-Control-Allow-Origin: *` header to all requests, including the SSE connection, which allows any websites to send any request to the development server and read the response. https://github.com/evanw/esbuild/blob/df815ac27b84f8b34374c9182a93c94718f8a630/pkg/api/serve_other.go#L121 https://github.com/evanw/esbuild/blob/df815a

Affected: >= 0Fixed in 0.25.0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~109 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is MermAId safe to use?: MermAId has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.
How do I install MermAId?: MermAId supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can MermAId do?: MermAId provides 2 tools: get_diagram, set_diagram. See the full tools list on the server page for descriptions and parameters.
What AI clients work with MermAId?: MermAId is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is MermAId actively maintained?: MermAId is recently maintained — last commit was 71 days ago. It has 11 GitHub stars.

Similar servers

Others in developer-tools

View all →

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.8k 2

MCP Security Weekly

Get CVE alerts and security updates for MermAId and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mermaid-editor": {
      "args": [
        "--mcp"
      ],
      "command": "/path/to/mermaid-editor"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mermaid)](https://mcppedia.org/s/mermaid)

Read me

What MermAId does

AI-agent-focused Mermaid editor for planning, with built-in MCP server and CLI tool

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'esbuild' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

MermAId Editor

A local Mermaid diagram editor designed for AI-assisted workflows. It's a pretty nice live Mermaid editor. But it's also a tool to be used with AI coding agents in generating plans. An AI coding agent (Claude Code, Codex, etc.) generates or updates diagrams via MCP or CLI, and you see the results rendered live in your browser. You can also edit diagrams directly — it's a full editor with syntax highlighting, linting, and vim keybindings. Push changes back to the agent, iterate, rinse and repeat.

The editor runs as a small Go server on localhost with a split-pane UI: a CodeMirror text editor on the left and a live Mermaid preview on the right.

AI agents interact with the editor via MCP or CLI to generate and update diagrams programmatically.

The native macOS app bundle is a self-contained executable that lives in the Dock and is freestanding (including the MCP server).

Features

AI agent integration via MCP server or CLI tool — agents can get and set diagrams programmatically
Live preview with debounced rendering as you type
Vim keybindings (via codemirror-vim)
Mermaid syntax highlighting and linting
Pan and zoom on the diagram preview
Export diagrams as SVG or high-resolution PNG
Collapsible editor pane
Single-instance enforcement — re-running the binary focuses the existing session
Cross-platform: runs on macOS, Linux, and Windows
Builds as a native macOS .app bundle with a menu-bar icon (tray app)

Installation

Requirements

Go 1.25+
Node.js / npm
macOS only: Xcode Command Line Tools (for CGO — the native app window uses Cocoa/WebKit)

Build from source (macOS / Linux)

git clone https://github.com/kmatthias/mermaid-editor.git
cd mermaid-editor
make build

This installs JS dependencies, bundles the frontend, and compiles the Go binary. The resulting binary is ./mermaid-editor — static assets are embedded at compile time, so the single file is all you need.

On macOS, the build uses CGO to link against Cocoa and WebKit for the native app window. On Linux, no CGO or system libraries are required.

Build from source (Windows)

Windows requires Go and Node.js installed. If you have GNU Make (e.g. via Chocolatey, MSYS2, or Git Bash):

make build

Without Make, run the steps manually in PowerShell:

npm install
npx esbuild frontend/app.js --bundle --format=iife --minify --sourcemap --outfile=static/bundle.js
copy frontend\style.css static\style.css
go build -o mermaid-editor.exe .

Install to PATH

# macOS / Linux: copy the binary somewhere on your PATH
cp mermaid-editor /usr/local/bin/

# Or use go install on any platform (requires GOBIN on PATH)
go install .

On Windows, copy mermaid-editor.exe to a directory on your %PATH%, or use go install ..

Usage

# Run the editor (opens in your default browser)
./mermaid-editor

# Run in development mode with live JS rebuilds
make dev

The editor opens automatically in your default browser. If an instance is already running, it focuses the existing window instead of starting a new one.

Platform notes

	macOS	Linux	Windows
Browser	Opens via `open`	Opens via `xdg-open`	Opens via `rundll32`
Native window	Yes (Cocoa/WebKit app)	No — browser only	No — browser only
App bundle	`make macapp`	N/A	N/A
CGO required	Yes (for native window)	No	No

macOS App Bundle

make macapp

Creates MermAId Editor.app, a self-contained macOS applica

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

88/100across 5 weighted dimensions

How we score →

0255075100

−12

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

GHSA-67mh-4wv8-2f99low · fixedCVSS 3.1

esbuild enables any website to send any requests to the development server and read the response

Affected: >= 0Fixed in 0.25.0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~109 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is MermAId safe to use?: MermAId has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.
How do I install MermAId?: MermAId supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can MermAId do?: MermAId provides 2 tools: get_diagram, set_diagram. See the full tools list on the server page for descriptions and parameters.
What AI clients work with MermAId?: MermAId is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is MermAId actively maintained?: MermAId is recently maintained — last commit was 71 days ago. It has 11 GitHub stars.