Codesentinel
@salrad22
Codesentinel について
概要はまだありません
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"code-sentinel": {
"command": "npx",
"args": [
"code-sentinel-mcp"
]
}
}
}ツール
ツールは検出されませんでした
ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。
概要
What is Codesentinel?
Codesentinel is a Model Context Protocol (MCP) server that analyzes source code for security vulnerabilities, deceptive patterns, placeholder code, code smells, and good practices. It integrates with Claude Code and other MCP-compatible clients to serve as a quality gate before issues reach production.
How to use Codesentinel?
Install globally via npm (npm install -g code-sentinel-mcp) and add to Claude Code using claude mcp add code-sentinel -- npx code-sentinel-mcp, or manually configure the MCP server in ~/.claude/claude_desktop_config.json. Use the provided tools by asking Claude Code to analyze code snippets or files.
Key features of Codesentinel
- Detects 93 distinct patterns across 5 categories
- Security analysis: hardcoded secrets, SQL injection, XSS, command injection
- Deceptive pattern detection: empty catch blocks, silent failures, linter suppression
- Placeholder detection: TODOs, lorem ipsum, incomplete implementations
- Error and code smell detection: type coercion, null references, async anti‑patterns
- Strength recognition: highlights proper typing, error handling, testing patterns
Use cases of Codesentinel
- Audit AI‑generated code for hardcoded secrets, empty catch blocks, and placeholders before merging
- Review pull requests for security vulnerabilities and error‑hiding patterns
- Scan existing codebases for missing error handling and risky patterns during refactoring
- Generate visual HTML reports for team review of code quality
FAQ from Codesentinel
Which languages does Codesentinel support?
Codesentinel supports TypeScript, JavaScript, Python, Go, Rust, Java, Kotlin, Swift, C#, C/C++, PHP, Vue, and Svelte, with language detection based on file extension.
How is the quality score calculated?
The score (0–100) is 100 - (critical × 25) - (high × 15) - (medium × 5) - (low × 1) + (strengths × 2). Critical issues deduct 25 points, strengths add 2 points each.
What tools does Codesentinel provide?
Tools include analyze_code, generate_report, check_security, check_deceptive_patterns, check_placeholders, analyze_patterns, and analyze_design_patterns. Each accepts code and filename parameters and returns structured JSON or HTML reports.
Can I add custom detection patterns?
Yes. Edit files in src/analyzers/ (security.ts, deceptive.ts, placeholders.ts, errors.ts, strengths.ts) following the existing pattern structure with regex, severity, and optional verification logic.
How does the verification feature work?
Many patterns include a verification object with assumption, confirmIf, and falsePositiveIf fields to reduce false positives by confirming only when the pattern matches certain contextual conditions.
「開発者ツール」の他のコンテンツ
test
prysmaticlabsGo implementation of Ethereum proof of stake
Code Index MCP
johnhuang316A Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
MCP Inspector
modelcontextprotocolVisual testing tool for MCP servers
Smithery CLI
smithery-aiInstall, manage and develop MCP servers and skills for agents

Sentry
modelcontextprotocolModel Context Protocol Servers
コメント