- Home
- MCP servers
- Semgrep
Semgrep
- python
639
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
You can run Semgrep’s MCP server to enable large language models, IDEs, and automation tools to scan code with Semgrep rules, get context, and perform automated security checks. This MCP server exposes both local, self-contained operation (stdio) and remote, streamable HTTP access, so you can choose the integration method that best fits your workflow.
How to use
You connect your MCP client to either a local stdio server or a remote HTTP(S) MCP endpoint. The stdio method runs on your machine and communicates via standard input and output, while the HTTP method exposes a streaming API over HTTP that your client can call.
How to install
Prerequisites: Python and/or Docker, depending on how you want to run the MCP server.
Option A: Run the MCP server locally via Python (stdio transport) using the uvx runner.
Option B: Run the MCP server locally in a Docker container (stdio transport) using the official image.
Additional content
This MCP server supports multiple connection methods and provides tooling endpoints for scanning code, understanding code structure, and integrating with the Semgrep AppSec Platform.
Config examples and endpoints
{
"mcpServers": {
"semgrep": {
"type": "stdio",
"command": "uvx",
"args": ["semgrep-mcp"],
"env": {
"SEMGREP_APP_TOKEN": "<token>"
}
}
}
}
Tools and capabilities
{
"tools": [
{
"name": "security_check",
"description": "Scan code for security vulnerabilities using predefined checks."
},
{
"name": "semgrep_scan",
"description": "Scan code files for security vulnerabilities with a given Semgrep config string."
},
{
"name": "semgrep_scan_with_custom_rule",
"description": "Scan code files using a custom Semgrep rule."
},
{
"name": "get_abstract_syntax_tree",
"description": "Output the Abstract Syntax Tree (AST) of code."
},
{
"name": "semgrep_findings",
"description": "Fetch Semgrep findings from the Semgrep AppSec Platform API."
},
{
"name": "supported_languages",
"description": "Return the list of languages Semgrep supports."
},
{
"name": "semgrep_rule_schema",
"description": "Fetches the latest Semgrep rule JSON Schema."
}
]
}
Available tools
security_check
Scan code for security vulnerabilities using predefined checks.
semgrep_scan
Scan code files for security vulnerabilities with a given Semgrep config string.
semgrep_scan_with_custom_rule
Scan code files using a custom Semgrep rule.
get_abstract_syntax_tree
Output the Abstract Syntax Tree (AST) of code.
semgrep_findings
Fetch Semgrep findings from the Semgrep AppSec Platform API.
supported_languages
Return the list of languages Semgrep supports.
semgrep_rule_schema
Fetches the latest semgrep rule JSON Schema.