- Home
- MCP servers
- Semgrep
Semgrep
- javascript
25
GitHub Stars
javascript
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"vetcoders-mcp-server-semgrep": {
"command": "node",
"args": [
"/your_path/mcp-server-semgrep/build/index.js"
],
"env": {
"SEMGREP_APP_TOKEN": "YOUR_TOKEN"
}
}
}
}MCP Server Semgrep combines the Model Context Protocol with Semgrep’s static analysis to provide code analysis, security checks, and quality improvements through a conversational interface. It helps you analyze whole projects, detect vulnerabilities and stylistic issues, and learn secure coding practices as you interact with AI assistants.
How to use
You use MCP Server Semgrep with an MCP client to scan code, run custom Semgrep rules, and review results through natural conversations. You can start a scan of a project directory, list available Semgrep rules and languages, analyze the results, and iteratively improve your code by creating or updating rules. You can filter results to focus on security issues, compare pre- and post-change scans, and export findings for reporting or integration into your workflow.
How to install
Prerequisites you need before installing are: Node.js v18 or newer and TypeScript if you plan to contribute or develop.
Option 2: Install from NPM Registry (recommended for straightforward setup)
# Using npm
npm install -g mcp-server-semgrep
# Using pnpm
pnpm add -g mcp-server-semgrep
# Using yarn
yarn global add mcp-server-semgrep
Option 3: Install from GitHub
Option 4: Local development setup lets you work with the code locally and build before use.
Available tools
scan_directory
Scan a directory of source code to identify potential issues using Semgrep rules and MPC integration.
list_rules
List available Semgrep rules and languages supported by the server.
analyze_results
Provide a detailed analysis of scan results, highlighting findings, severity, and suggested fixes.
create_rule
Create custom Semgrep rules tailored to your project’s needs, including language and pattern specifications.
filter_results
Filter scan results by criteria such as severity, language, or rule.
export_results
Export scan findings to formats suitable for reporting or CI integration.
compare_results
Compare two sets of results to evaluate fixes or changes over time.