#static-analysis

AI-powered code quality analysis using MCP to help AI assistants review code more effectively. Analyze git changes for complexity, security issues, and more through structured prompts.

Code Pathfinder's MCP Server provides AI coding assistants like Claude Code with deep semantic understanding of codebases through call graph analysis, symbol search, and dependency tracking. It enables developers to ask natural language questions like "who calls this function?" instead of manually using grep or searching code. The tool runs 100% locally (your code never leaves your machine), is free and open-source under AGPL-3.0, and installs in under 5 minutes. [codepathfinder](https://codepathfinder.dev/mcp)

PCI DSS v4.0.1 static-analysis MCP server for Go payment service codebases. 12 scanners detect PAN/CVV exposure, weak crypto, missing audit logs, vulnerable deps, TLS misconfig, auth weaknesses, plus CycloneDX 1.6 SBOM generation. Each finding maps to the exact PCI requirement. AI-assisted triage via triage_findings tool. Keyless-signed multi-arch Docker image on ghcr.io.

Curated by Archimedes Market. Static security analysis exposed as MCP tools. OWASP top 10, secrets detection, custom rule packs. Baseline scanning focuses on newly-introduced findings. Built for production-grade security review. → archimedes.market/assets/21c4a8ab-80dc-4a69-8444-c209a130f27e