A
securityA
licenseA
qualityA Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
Last updated -
12
386
MIT License
Performs static code analysis for JavaScript/TypeScript projects to identify code quality issues
Enables branch enumeration, commit history analysis, diff comparisons, and repository structure visualization
Allows repository analysis and security scanning for GitHub repositories
Supports repository analysis and security scanning with optional authentication via API tokens
Provides code quality analysis and security scanning for JavaScript codebases
Supports running on Linux environments with appropriate system dependency installation
Supports running on macOS environments with appropriate system dependency installation
Provides code quality analysis with Pylint and security checks with Bandit for Python codebases
Integrated vulnerability scanner for comprehensive security reports across repositories
Provides code quality analysis and security scanning for TypeScript codebases
Supports running on Ubuntu with specific installation instructions for required dependencies
Argus - Repository Analysis and Security Assessment Tool
A powerful Model Context Protocol (MCP) tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.
Features
Multi-Language Support
Go: gocyclo, golangci-lint analysis
Java: PMD static analysis
Python: Pylint, Bandit security checks
JavaScript/TypeScript: ESLint analysis
Automatic language detection
Security Scanning
Integrated Trivy vulnerability scanner
Comprehensive security reports
Support for multiple branches
Git Operations
Branch enumeration and management
Commit history analysis
Diff comparisons
Repository structure visualization
Installation
Prerequisites
Python 3.8+
Git
libmagic (system dependency)
System Dependencies
macOS
brew install libmagic
Linux (Ubuntu/Debian)
sudo apt-get update
sudo apt-get install -y libmagic1
Installation via uv
uvx argus
Usage
Basic MCP Commands
# Analyze repository structure
analyze_repository_structure(
repo_url="https://gitlab.com/user/repo",
gitlab_credentials={"api_key": "your-token"}, # Optional
branch="main" # Optional
)
# Perform code quality analysis
analyze_code_quality(
repo_url="https://gitlab.com/user/repo",
language="python" # Optional, will auto-detect if not specified
)
# Security scan
security_scan_repository(
repo_url="https://gitlab.com/user/repo",
scan_type="trivy"
)
# Compare changes
compare_git_changes(
repo_url="https://gitlab.com/user/repo",
source="feature-branch",
target="main"
)
# Security scan repository
security_scan_repository(
repo_url="https://gitlab.com/user/repo",
scan_type="trivy"
)
### MCP Configuration
```json
{
"command": "uvx",
"args": [
"--from",
"git+https://github.com/athapong/argus",
"argus"
],
"alwaysAllow": [
"get_commit_history",
"enumerate_branches",
"compare_git_changes",
"analyze_code_quality",
"security_scan_repository"
],
"timeout": 300
}
Supported Analysis Tools
Language | Tools | Installation |
Go | gocyclo, golangci-lint |
|
Java | PMD | macOS:
, Linux: Auto-installed |
Python | Pylint, Bandit | Auto-installed via dependencies |
JavaScript | ESLint |
|
Environment Variables
SKIP_SYSTEM_CHECK: Set to any value to skip system dependency checksPATH: Automatically updated for tool installations
Error Handling
The tool provides detailed error messages and graceful fallbacks:
Dependency installation failures show warnings instead of errors
Language detection falls back to specified language if auto-detection fails
Tool execution errors are captured in the response structure
License
MIT License
Contributing
Fork the repository
Create your feature branch
Commit your changes
Push to the branch
Create a new Pull Request
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
A Model Context Protocol tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.
- Features
- Installation
- Usage
- Supported Analysis Tools
- Environment Variables
- Error Handling
- License
- Contributing
Related Resources
Related MCP Servers
- -securityFlicense-qualityA Model Context Protocol server that allows users to query and analyze their SafetyCulture inspection data using natural language after providing an API key.Last updated -
- AsecurityFlicenseAqualityA comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.Last updated -284
- AsecurityAlicenseAqualityA Model Context Protocol server that helps large language models process code repositories by providing file tree generation, code merging, and code analysis capabilities.Last updated -322MIT License