S

Semgrep MCP Server

Run static analysis and find code patterns from AI agents.

freemium 61/100 Security semgrep sast static-analysis security code-patterns linting

A Model Context Protocol server for Semgrep. Enables AI agents to run static analysis scans, find security vulnerabilities, enforce code patterns, and apply custom rules.

Supports SAST scanning with 2000+ community rules covering OWASP Top 10, secrets detection, and language-specific best practices.

Install

pip install mcp-server-semgrep

MCP Client Config

{
  "mcpServers": {
    "semgrep": {
      "command": "python",
      "args": [
        "-m",
        "mcp_server_semgrep"
      ],
      "env": {
        "SEMGREP_APP_TOKEN": "<your-token>"
      }
    }
  }
}

Capabilities

Tools

scanlist_rulessearch_rulesget_findings

Compatible With

Claude Desktop Claude Code Cursor

Pricing

Community rules free. Pro rules and team features require subscription.

Metrics

540

GitHub Stars

4,100

Installs

320

Weekly

5

Open Issues

View Repository By Semgrep

More in Security

Best of Security →
1

1Password MCP Server

Securely access 1Password vaults and items from AI agents.

open-source 66/100 Security
S

Snyk MCP Server

Scan for vulnerabilities and security issues from AI agents.

freemium 65/100 Security
H

HashiCorp Vault MCP Server

Access secrets and manage HashiCorp Vault from AI agents.

open-source 60/100 Security