semgrep-mcp-server
Semgrep Server is a Model Context Protocol server designed for integrating static code analysis into development environments using Semgrep. It allows managing Semgrep rules and analyzing code through the MCP protocol, supporting various tools for scanning, listing, and exporting results.
Semgrep Server
A Model Context Protocol (MCP) server for integrating Semgrep into the development environment. This server allows for static code analysis and management of Semgrep rules directly via the MCP protocol.
Installation
- Clone the repository and navigate to
semgrep-server. - Install dependencies using
npm install. - Build the server with
npm run build.
Usage
The server can be started in production mode or development mode using npm start and npm run dev, respectively.
Available Tools
- Scan a directory with Semgrep.
- List available Semgrep rules.
- Analyze scan results.
- Create a new Semgrep rule.
- Filter scan results by various criteria.
- Export scan results to different formats.
- Compare two scan results.
Development
The project is written in TypeScript, utilizing the MCP SDK. The structure includes source code, compiled JavaScript files, and test files.
Dependencies
- Node.js & npm
- TypeScript
- MCP SDK
- Axios for HTTP requests
License
This project is licensed under the ISC License. More details are available in the file.