MCP Server Semgrep
@Szowesgad
MCP Server Semgrep について
MCP Server Semgrep is a [Model Context Protocol](https://modelcontextprotocol.io) compliant server that integrates the powerful Semgrep static analysis tool with AI assistants like Anthropic Claude. It enables advanced code analysis, security vulnerability detection, and code qua
基本情報
設定
ツール
ツールは検出されませんでした
ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。
概要
What is MCP Server Semgrep?
MCP Server Semgrep is a Model Context Protocol (MCP) compliant server that integrates the Semgrep static analysis tool with AI assistants like Claude. It enables advanced code analysis, security vulnerability detection, and code quality improvements through a conversational interface.
How to use MCP Server Semgrep?
Install via Smithery.ai (recommended), npm global install (npm install -g mcp-server-semgrep), or from GitHub. For Claude Desktop, add the server to claude_desktop_config.json with the path to the built index.js and optional SEMGREP_APP_TOKEN and MCP_SERVER_SEMGREP_ALLOWED_ROOTS environment variables. The server provides tools such as scan_directory, list_rules, analyze_results, create_rule, filter_results, export_results, and compare_results.
Key features of MCP Server Semgrep
- Direct integration with the official MCP SDK
- Simplified architecture with consolidated handlers
- Clean ES Modules implementation
- Efficient error handling and path validation
- Cross-platform compatibility (Windows, macOS, Linux)
- Flexible Semgrep installation detection and management
Use cases of MCP Server Semgrep
- Code security analysis before deployment
- Detection of common programming errors
- Enforcing coding standards within a team
- Refactoring and improving quality of existing code
- Identifying style inconsistencies (e.g., CSS z-index organization)
FAQ from MCP Server Semgrep
What makes this server different from other Semgrep MCP servers?
It uses the official MCP SDK directly, features a simplified architecture with consolidated handlers, is implemented as clean ES Modules, and includes comprehensive cross-platform support and extensive documentation in English and Polish.
What are the runtime requirements?
Node.js v18+ is required. Semgrep CLI must be installed (can be installed via npm, pip, Homebrew, or native package managers).
How does authentication work?
The server does not implement its own authentication; it shells out to the installed semgrep CLI and relies on its normal authentication. Use SEMGREP_APP_TOKEN for deterministic behavior in managed environments, or an existing semgrep login session for local runs.
Where does the server read and write files?
Only inside explicitly allowed workspace roots. By default, the allowed root is process.cwd(). Set MCP_SERVER_SEMGREP_ALLOWED_ROOTS to one or more absolute directories (colon-separated on macOS/Linux, semicolon on Windows) to permit additional roots.
What tools does the server provide?
Seven tools: scan_directory (scan code for issues), list_rules (list available rules and languages), analyze_results (detailed analysis), create_rule (create custom Semgrep rules), filter_results (filter results by criteria), export_results (export in various formats), and compare_results (compare two result sets).
「開発者ツール」の他のコンテンツ
mcp-excalidraw
yctimlinMCP server and Claude Code skill for Excalidraw — programmatic canvas toolkit to create, edit, and export diagrams via AI agents with real-time canvas sync.
MCP Inspector
modelcontextprotocolVisual testing tool for MCP servers
Huoshan Test
volcengineMCP-Bridge
SecretiveShellA middleware to provide an openAI compatible endpoint that can call MCP tools
DevDocs by CyberAGI 🚀
cyberagiincCompletely free, private, UI based Tech Documentation MCP server. Designed for coders and software developers in mind. Easily integrate into Cursor, Windsurf, Cline, Roo Code, Claude Desktop App
コメント