MCP.so
ログイン
サーバー

Mcp Semgrep Scanner

@archimedes-market

Curated by Archimedes Market. Static security analysis exposed as MCP tools. OWASP top 10, secrets detection, custom rule packs. Baseline scanning focuses on newly-introduced findings. Built for production-grade security review. → archimedes.market/assets/21c4a8ab-80dc-4a69-8444-

概要

What is Mcp Semgrep Scanner?

Mcp Semgrep Scanner enables AI agents to run Semgrep static analysis on code. It surfaces OWASP top-10 findings, secrets, supply-chain issues, and custom rule packs, with baseline scanning that filters output to newly-introduced findings to reduce noise.

How to use Mcp Semgrep Scanner?

Configure the server in your MCP client to run Semgrep scanning commands. The server handles baseline scanning to focus results on new findings.

Key features of Mcp Semgrep Scanner

  • Run Semgrep static analysis from an AI agent.
  • Surface OWASP top-10 findings.
  • Detect secrets and supply-chain issues.
  • Apply custom rule packs.
  • Baseline scanning reduces noise on new findings.

Use cases of Mcp Semgrep Scanner

  • AI-assisted code review for OWASP vulnerabilities.
  • Automated secret detection during development.
  • Supply-chain risk analysis in CI/CD pipelines.
  • Custom rule enforcement via AI agents.
  • New-code baseline scanning to filter pre-existing issues.

FAQ from Mcp Semgrep Scanner

What does Mcp Semgrep Scanner do?

It runs Semgrep static analysis from an AI agent, surfacing OWASP top-10 findings, secrets, supply-chain issues, and custom rule packs.

What is baseline scanning?

Baseline scanning focuses output on newly-introduced findings so the noise floor stays low.

What is the license for Mcp Semgrep Scanner?

The server is licensed under MIT.

タグ

「開発者ツール」の他のコンテンツ