Name	Name	Last commit message	Last commit date
parent directory ..
Dockerfile	Dockerfile
README.md	README.md

Name

Last commit message

Last commit date

Semgrep MCP Server

Wrapper for semgrep/mcp - Static code analysis for security vulnerabilities.

Features

5000+ security rules out of the box
Supports 30+ programming languages
Fast, deterministic static analysis
Custom rule support

Tools

Tool	Description
security_check	Quick security scan of code
semgrep_scan	Full Semgrep scan with configurable rules
semgrep_scan_with_custom_rule	Scan with custom YAML rules
get_abstract_syntax_tree	Get AST for code analysis
semgrep_findings	Get findings from previous scans
supported_languages	List supported languages

Usage

Docker

docker build -t semgrep-mcp .
docker run -i --rm -v /path/to/code:/code semgrep-mcp

Claude Desktop

{
  "mcpServers": {
    "semgrep": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/path/to/code:/code",
        "semgrep-mcp:latest"
      ]
    }
  }
}

Environment Variables

Variable	Default	Description
`SEMGREP_APP_TOKEN`	(optional)	Semgrep Cloud token for additional rules

License

MIT

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Semgrep MCP Server

Features

Tools

Usage

Docker

Claude Desktop

Environment Variables

License

FilesExpand file tree

semgrep-mcp

Directory actions

More options

Directory actions

More options

Latest commit

History

semgrep-mcp

Folders and files

parent directory

README.md

Semgrep MCP Server

Features

Tools

Usage

Docker

Claude Desktop

Environment Variables

License