Server Sequential Thinking

Name: Server Sequential Thinking
Author: pcarleton

@modelcontextprotocol/server-sequential-thinking · by pcarleton

MCP server for sequential thinking and problem solving

85.9k 102.2k/wk 0 tools GitHub npm PyPI

No known CVEs

No license

Actively maintained

Last commit 1d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Other

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "memory": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-memory"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/server-sequential-thinking)](https://mcppedia.org/s/server-sequential-thinking)

Read me

What Server Sequential Thinking does

This repository is a collection of reference implementations for the Model Context Protocol (MCP), as well as references to community-built servers and additional resources.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/server-sequential-thinking' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

63/100across 5 weighted dimensions

How we score →

0255075100

−37

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

4 fixed

CVE-2026-27735medium · fixedCVSS 4

mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries

In `mcp-server-git` versions prior to 2026.1.14, the `git_add` tool did not validate that file paths provided in the files argument were within the repository boundaries. The tool used GitPython's `repo.index.add(`, which did not enforce working-tree boundary checks for relative paths. As a result, relative paths containing `../` sequences that resolved outside the repository were accepted and staged into the Git index, potentially allowing sensitive files to be exfiltrated via subsequent commit

Affected: >= 0Fixed in 2026.1.14source →

CVE-2025-68145medium · fixedCVSS 4

mcp-server-git has missing path validation when using --repository flag

In mcp-server-git versions prior to 2025.12.18, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repo_path arguments in subsequent tool calls were actually within that configured path. This could allow tool calls to operate on other repositories accessible to the server process. The fix adds path validation that resolves both the configured repository and the requested path (following symlinks) and verifies the r

Affected: >= 0Fixed in 2025.12.18source →

CVE-2025-68144medium · fixedCVSS 4

mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files

In mcp-server-git versions prior to 2025.12.18, the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values (e.g., `--output=/path/to/file` for `git_diff`) would be interpreted as command-line options rather than git refs, enabling arbitrary file overwrites. The fix adds validation that rejects arguments starting with - and verifies the argument resolves to a valid git ref via rev_parse before execution. Users are a

Affected: >= 0Fixed in 2025.12.18source →

CVE-2025-68143medium · fixedCVSS 4

mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

In mcp-server-git versions prior to 2025.9.25, the git_init tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other tools which required an existing repository, git_init could operate on any directory accessible to the server process, making those directories eligible for subsequent git operations. The tool was removed entirely, as the server is intended to operate on existing repositories only. Users are advised to upgrade to 20

Affected: >= 0Fixed in 2025.9.25source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Server Sequential Thinking safe to use?: Server Sequential Thinking has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Server Sequential Thinking?: Server Sequential Thinking supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Server Sequential Thinking?: Server Sequential Thinking is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Server Sequential Thinking actively maintained?: Server Sequential Thinking is actively maintained — last commit was 1 day ago. It has 85,853 GitHub stars.

Similar servers

Others in other

View all →

io.github.wyre-technology/spanning-mcp90

MCP server for Spanning Cloud Backup — M365/GWS/Salesforce backups, restores, audit.

io.github.codeofaxel/kiln88

AI agent control of 3D printers — 432 tools for OctoPrint, Moonraker, Bambu, Prusa, Elegoo

18 11

io.github.wyre-technology/autotask-mcp88

MCP server for Kaseya Autotask PSA — companies, tickets, projects, time entries, and more.

36 6

io.github.AnchorRegistry/ar-mcp88

On-chain provenance lookup for AnchorRegistry. Resolve AR-IDs, hashes, and full trees. Authless.

MCP Security Weekly

Get CVE alerts and security updates for Server Sequential Thinking and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Frequently Asked Questions

Is Server Sequential Thinking safe to use?

Server Sequential Thinking has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Server Sequential Thinking?

Server Sequential Thinking supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Server Sequential Thinking?

Server Sequential Thinking is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Server Sequential Thinking actively maintained?

Server Sequential Thinking is actively maintained — last commit was 1 day ago. It has 85,853 GitHub stars.