JN Engine Contributor MCP
Provides a check_status tool to query the status of core and assets GitHub Actions workflows.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@JN Engine Contributor MCPsearch for 'authentication' in the engine snapshot"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
JN Engine Contributor MCP
A read-only REST and Streamable HTTP MCP gateway for contributors working on JN Engine. It exposes a reviewed, immutable repository snapshot to ChatGPT, Claude, MCP-compatible coding agents, and ordinary HTTP clients without giving those clients shell or Git access to the host.
This is the public, contributor-safe distribution. It contains the complete service, tests, snapshot exporters, Docker configuration, and example deployment files. It does not contain production credentials, personal paths, private hostnames, audit records, incident reports, or mutable operator data.
What It Provides
The engine profile exposes six read-only tools:
searchandfetchfor commit-bound source and documentation retrieval;list_tasksandproject_contextfor bounded project orientation;lookup_symbolfor recovered symbol/address lookup; andcheck_statusfor fail-closedcoreandassetsGitHub Actions status.
An optional source profile exposes this repository itself through search, fetch,
and repository_context. That profile lets a web or app-based agent inspect the MCP
implementation even when the platform's account-level GitHub integration is not
available as a callable chat tool.
Both profiles use immutable snapshots. Search IDs include the active commit and become invalid after a snapshot refresh, so clients must search again rather than silently mixing content from different revisions.
Related MCP server: Sourceplane MCP
Why Sanitization Does Not Reduce Contributor Value
The useful parts are present: application behavior, interfaces, tests, fixture data, dependency locks, container boundaries, deployment examples, and contribution rules. Only environment-specific material was excluded. Contributors can:
run all unit and integration tests;
build and inspect the container;
create snapshots from the public JN Engine repository;
exercise either MCP profile locally without authentication;
configure their own GitHub OAuth deployment;
develop new read-only tools and submit pull requests; and
use the source profile to ground ChatGPT or Claude in this implementation.
See Intended Usage for contributor and operator workflows, and Public Repository Boundary for the exact public/private split.
Quick Start
Requirements: Python 3.11 through 3.13, Git, and ripgrep.
python3 -m venv .venv
.venv/bin/python -m pip install --constraint requirements.lock -e '.[test]'Build a local immutable snapshot of JN Engine:
JN_REPO_MIRROR_PATH="$PWD/.local/jn-engine.git" \
JN_SNAPSHOT_ROOT="$PWD/.local/snapshots" \
deploy/refresh_snapshot.sh --build-onlyThe command prints the promoted snapshot path. Start a loopback-only development server with that path:
APP_ENV=development \
AUTH_MODE=authless_local \
API_HOST=127.0.0.1 \
JN_SNAPSHOT_PATH="$PWD/.local/snapshots/<commit>" \
.venv/bin/python -m app.runConnect an MCP client to http://127.0.0.1:8788/mcp. Authless mode is deliberately
restricted to a loopback listener and is not a production configuration.
Verification
CI constructs its own immutable JN Engine fixture before running the suite. Locally,
set JN_TEST_SNAPSHOT_PATH to the snapshot created above:
JN_TEST_SNAPSHOT_PATH="$PWD/.local/snapshots/<commit>" \
.venv/bin/python -m pytest -qProduction GitHub OAuth configuration and secret-file permissions are documented in Deployment. MCP contracts are in MCP Surface.
Security Properties
Repository identity and ref are code-owned and cannot be redirected by environment variables.
Snapshot files are inventory checked, contained, non-symlink, regular, bounded, and read-only in production.
OAuth state is encrypted before being stored in a mode-0700 file-tree directory.
Secret values are accepted through mode-0600 files, not command-line arguments or URLs.
Write and shell actions fail startup when enabled.
The container runs non-root with a read-only root filesystem, no capabilities, no Docker socket, and no Git executable.
Report vulnerabilities privately as described in SECURITY.md.
License
Licensed under the MIT License. See LICENSE.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/alexscott2718-gif/jn-engine-contributor-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server