SnapBack MCP Server
Enables AI-powered code safety analysis including risk detection, secret scanning, dependency checking, and code snapshot management. Works offline for basic features with optional cloud integration for advanced ML analysis and team collaboration.
README
SnapBack MCP Server
AI-powered code analysis and snapshot management via Model Context Protocol
Integrate SnapBack's code safety features directly into Claude Desktop, Cursor, and any MCP-compatible AI tool.
Quick Start
npm install -g @snapback/mcp-server
snapback-mcp
Works immediately - no configuration required!
Features
π Free (No Account Needed)
- β Risk Analysis: Detect secrets, vulnerabilities in code changes
- β Dependency Checking: Validate package.json changes
- β Local Analysis: Basic secret detection and security scanning
- β Offline Mode: Works without internet connection
- β Context7 Integration: Library documentation and code search
βοΈ Pro Features (Optional API Key)
Get a free API key from snapback.dev to unlock:
- π Advanced ML Analysis: AI-powered risk detection
- π Snapshot Management: Create and restore code snapshots
- π Cloud Sync: Access snapshots across devices
- π Team Sharing: Collaborate on code safety
Installation
Claude Desktop
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"snapback": {
"command": "npx",
"args": ["-y", "@snapback/mcp-server"]
}
}
}
With API Key (Optional)
{
"mcpServers": {
"snapback": {
"command": "npx",
"args": ["-y", "@snapback/mcp-server"],
"env": {
"SNAPBACK_API_KEY": "your_api_key_here"
}
}
}
}
Cursor / Other MCP Clients
# Install globally
npm install -g @snapback/mcp-server
# Run with stdio transport
snapback-mcp
Available Tools
snapback.analyze_risk
Analyze code changes for potential security risks before applying them.
When to use:
- Before accepting AI-generated code
- When reviewing complex changes
- For critical files (auth, database, config)
Example:
// AI detects you want to add authentication
// Before applying changes, it calls:
snapback.analyze_risk({
changes: [
{ added: true, value: "const API_KEY = 'sk_live_...';" }
]
})
// Returns: β οΈ HIGH RISK: Hardcoded secret detected
snapback.check_dependencies
Check for dependency-related risks when package.json changes.
Example:
snapback.check_dependencies({
before: { "lodash": "^4.17.15" },
after: { "lodash": "^4.17.21" }
})
// Returns: βΉοΈ Security update available
snapback.create_snapshot (Pro)
Create a code snapshot before risky changes.
Example:
snapback.create_snapshot({
reason: "Before major refactor",
files: ["src/auth.ts", "src/db.ts"]
})
// Returns: β
Snapshot created: snap_xyz123
snapback.list_snapshots (Pro)
List all available snapshots.
snapback.restore_snapshot (Pro)
Restore code from a previous snapshot.
Context7 Tools
ctx7.resolve-library-id: Find library documentationctx7.get-library-docs: Fetch library docs and examples
Configuration
Environment Variables
# Optional: SnapBack API key for Pro features
SNAPBACK_API_KEY=sk_...
# Optional: Custom API URL
SNAPBACK_API_URL=https://api.snapback.dev
# Optional: Context7 API key for enhanced docs
CONTEXT7_API_KEY=...
# Optional: Log level
LOG_LEVEL=info
Offline Mode
Works perfectly without any configuration or API keys:
# No env vars needed!
npx @snapback/mcp-server
What works offline:
- Risk analysis (basic)
- Dependency checking
- Secret detection
- Context7 library search (cached)
What requires API key:
- Advanced ML risk analysis
- Snapshot creation/restoration
- Cloud sync
- Team features
Architecture
βββββββββββββββββββ
β AI Tool β (Claude, Cursor, etc.)
β (MCP Client) β
ββββββββββ¬βββββββββ
β MCP Protocol
β
ββββββββββΌββββββββββββββββββββββββββββββββββ
β SnapBack MCP Server β
β ββββββββββββββββ ββββββββββββββββββββ β
β β Free Tools β β Pro Tools β β
β β - analyze β β - snapshots β β
β β - check_deps β β - cloud sync β β
β ββββββββββββββββ ββββββββββββββββββββ β
βββββββββββββ¬βββββββββββββββββββββββββββββββ
β
βββββ΄βββββ
β β
ββββββΌββββ βββΌββββββββββ
β Local β β SnapBack β
βAnalysisβ β API β
ββββββββββ βββββββββββββ
Development
Running Locally
git clone https://github.com/snapback-dev/mcp-server.git
cd mcp-server
pnpm install
pnpm build
pnpm start
Testing
# Run tests
pnpm test
# Test without API key (offline mode)
unset SNAPBACK_API_KEY
pnpm start
# Test with API key
export SNAPBACK_API_KEY=sk_test_...
pnpm start
Building
pnpm build
# Output: dist/index.js (ESM)
Troubleshooting
Server won't start
- Check Node.js version:
node -v(requires 18+) - Clear cache:
rm -rf node_modules && npm install - Check permissions:
chmod +x $(which snapback-mcp)
API key not working
- Verify key format:
sk_live_...orsk_test_... - Check env var:
echo $SNAPBACK_API_KEY - Get new key: snapback.dev/settings/api
Tools not showing in Claude
- Restart Claude Desktop completely
- Check config file syntax (JSON must be valid)
- Look for errors in Claude's console logs
Security
- All secrets handled via environment variables
- No data sent to SnapBack without API key
- Local analysis runs offline
- Open source - audit the code yourself
Report security issues: security@snapback.dev
Links
- Documentation: docs.snapback.dev
- Main Repository: Marcelle-Labs/snapback.dev
- Issues: github.com/snapback-dev/mcp-server/issues
- NPM: @snapback/mcp-server
License
Apache-2.0 Β© SnapBack
Related
snapbackVS Code Extension@snapback/sdk- TypeScript SDK@snapback/contracts- Type definitions
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.
E2B
Using MCP to run code via e2b.
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Neon Database
MCP server for interacting with Neon Management API and databases