mcp
If you are the rightful owner of mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcpreview.com.
Semgrep MCP Server is a Model Context Protocol server that uses Semgrep to scan code for security vulnerabilities.
The Semgrep MCP Server is a Model Context Protocol (MCP) server designed to leverage Semgrep's capabilities for scanning code to identify security vulnerabilities. Semgrep is a fast, deterministic static analysis tool that semantically understands many programming languages and comes with a vast library of over 5,000 rules. The MCP server provides a standardized API for integration with LLMs, agents, and IDEs like VS Code, Cursor, and others that support MCP. This server is under active development and aims to enhance application security by integrating seamlessly into the development workflow, allowing developers to scan their code for vulnerabilities using Semgrep's powerful analysis capabilities. The server supports both standard input/output and server-sent events (SSE) for communication, making it versatile for different integration scenarios.
Features
- Fast and deterministic static analysis using Semgrep.
- Supports multiple programming languages with over 5,000 rules.
- Integrates with IDEs like VS Code, Cursor, and more.
- Provides both stdio and SSE transport protocols.
- Enables LLMs to perform security checks and understand code structure.
Tools
- security_check: Scan code security vulnerabilities
- semgrep_scan: Scan code with specified configuration
- get_abstract_syntax_tree: Get the AST of the code
- supported_languages: List supported languages