Codesentinel
@salrad22
About Codesentinel
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"code-sentinel": {
"command": "npx",
"args": [
"code-sentinel-mcp"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Codesentinel?
Codesentinel is a Model Context Protocol (MCP) server that analyzes source code for security vulnerabilities, deceptive patterns, placeholder code, code smells, and good practices. It integrates with Claude Code and other MCP-compatible clients to serve as a quality gate before issues reach production.
How to use Codesentinel?
Install globally via npm (npm install -g code-sentinel-mcp) and add to Claude Code using claude mcp add code-sentinel -- npx code-sentinel-mcp, or manually configure the MCP server in ~/.claude/claude_desktop_config.json. Use the provided tools by asking Claude Code to analyze code snippets or files.
Key features of Codesentinel
- Detects 93 distinct patterns across 5 categories
- Security analysis: hardcoded secrets, SQL injection, XSS, command injection
- Deceptive pattern detection: empty catch blocks, silent failures, linter suppression
- Placeholder detection: TODOs, lorem ipsum, incomplete implementations
- Error and code smell detection: type coercion, null references, async anti‑patterns
- Strength recognition: highlights proper typing, error handling, testing patterns
Use cases of Codesentinel
- Audit AI‑generated code for hardcoded secrets, empty catch blocks, and placeholders before merging
- Review pull requests for security vulnerabilities and error‑hiding patterns
- Scan existing codebases for missing error handling and risky patterns during refactoring
- Generate visual HTML reports for team review of code quality
FAQ from Codesentinel
Which languages does Codesentinel support?
Codesentinel supports TypeScript, JavaScript, Python, Go, Rust, Java, Kotlin, Swift, C#, C/C++, PHP, Vue, and Svelte, with language detection based on file extension.
How is the quality score calculated?
The score (0–100) is 100 - (critical × 25) - (high × 15) - (medium × 5) - (low × 1) + (strengths × 2). Critical issues deduct 25 points, strengths add 2 points each.
What tools does Codesentinel provide?
Tools include analyze_code, generate_report, check_security, check_deceptive_patterns, check_placeholders, analyze_patterns, and analyze_design_patterns. Each accepts code and filename parameters and returns structured JSON or HTML reports.
Can I add custom detection patterns?
Yes. Edit files in src/analyzers/ (security.ts, deceptive.ts, placeholders.ts, errors.ts, strengths.ts) following the existing pattern structure with regex, severity, and optional verification logic.
How does the verification feature work?
Many patterns include a verification object with assumption, confirmIf, and falsePositiveIf fields to reduce false positives by confirming only when the pattern matches certain contextual conditions.
More Developer Tools MCP servers
MCP Unity Editor (Game Engine)
CoderGamesterModel Context Protocol (MCP) plugin to connect with Unity Editor — designed for Cursor, Claude Code, Codex, Windsurf and other IDEs
Code Index MCP
johnhuang316A Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
test
prysmaticlabsGo implementation of Ethereum proof of stake
test
cloudwegoThe ultimate LLM/AI application development framework in Go.
MCP-Bridge
SecretiveShellA middleware to provide an openAI compatible endpoint that can call MCP tools
Comments