Codesentinel
@salrad22
关于 Codesentinel
暂无概览
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"code-sentinel": {
"command": "npx",
"args": [
"code-sentinel-mcp"
]
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Codesentinel?
Codesentinel is a Model Context Protocol (MCP) server that analyzes source code for security vulnerabilities, deceptive patterns, placeholder code, code smells, and good practices. It integrates with Claude Code and other MCP-compatible clients to serve as a quality gate before issues reach production.
How to use Codesentinel?
Install globally via npm (npm install -g code-sentinel-mcp) and add to Claude Code using claude mcp add code-sentinel -- npx code-sentinel-mcp, or manually configure the MCP server in ~/.claude/claude_desktop_config.json. Use the provided tools by asking Claude Code to analyze code snippets or files.
Key features of Codesentinel
- Detects 93 distinct patterns across 5 categories
- Security analysis: hardcoded secrets, SQL injection, XSS, command injection
- Deceptive pattern detection: empty catch blocks, silent failures, linter suppression
- Placeholder detection: TODOs, lorem ipsum, incomplete implementations
- Error and code smell detection: type coercion, null references, async anti‑patterns
- Strength recognition: highlights proper typing, error handling, testing patterns
Use cases of Codesentinel
- Audit AI‑generated code for hardcoded secrets, empty catch blocks, and placeholders before merging
- Review pull requests for security vulnerabilities and error‑hiding patterns
- Scan existing codebases for missing error handling and risky patterns during refactoring
- Generate visual HTML reports for team review of code quality
FAQ from Codesentinel
Which languages does Codesentinel support?
Codesentinel supports TypeScript, JavaScript, Python, Go, Rust, Java, Kotlin, Swift, C#, C/C++, PHP, Vue, and Svelte, with language detection based on file extension.
How is the quality score calculated?
The score (0–100) is 100 - (critical × 25) - (high × 15) - (medium × 5) - (low × 1) + (strengths × 2). Critical issues deduct 25 points, strengths add 2 points each.
What tools does Codesentinel provide?
Tools include analyze_code, generate_report, check_security, check_deceptive_patterns, check_placeholders, analyze_patterns, and analyze_design_patterns. Each accepts code and filename parameters and returns structured JSON or HTML reports.
Can I add custom detection patterns?
Yes. Edit files in src/analyzers/ (security.ts, deceptive.ts, placeholders.ts, errors.ts, strengths.ts) following the existing pattern structure with regex, severity, and optional verification logic.
How does the verification feature work?
Many patterns include a verification object with assumption, confirmIf, and falsePositiveIf fields to reduce false positives by confirming only when the pattern matches certain contextual conditions.
开发工具 分类下的更多 MCP 服务器
MCP Inspector
modelcontextprotocolVisual testing tool for MCP servers
test
cloudwegoThe ultimate LLM/AI application development framework in Go.
test
harlancA simple,high performance and secure live media server in pure Rust (RTMP[cluster]/RTSP/WebRTC[whip/whep]/HTTP-FLV/HLS).🦀
JetBrains MCP Proxy Server
JetBrainsA model context protocol server to work with JetBrains IDEs: IntelliJ, PyCharm, WebStorm, etc. Also, works with Android Studio
mcp-excalidraw
yctimlinMCP server and Claude Code skill for Excalidraw — programmatic canvas toolkit to create, edit, and export diagrams via AI agents with real-time canvas sync.
评论