Argus

Argus - Repository Analysis and Security Assessment Tool

A powerful Model Context Protocol (MCP) tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.

Features

Multi-Language Support
- Go: gocyclo, golangci-lint analysis
- Java: PMD static analysis
- Python: Pylint, Bandit security checks
- JavaScript/TypeScript: ESLint analysis
- Automatic language detection
Security Scanning
- Integrated Trivy vulnerability scanner
- Comprehensive security reports
- Support for multiple branches
Git Operations
- Branch enumeration and management
- Commit history analysis
- Diff comparisons
- Repository structure visualization

Installation

Prerequisites

Python 3.8+
Git
libmagic (system dependency)

System Dependencies

macOS

brew install libmagic

Linux (Ubuntu/Debian)

sudo apt-get update
sudo apt-get install -y libmagic1

Installation via uv

uvx argus

Usage

Basic MCP Commands

# Analyze repository structure
analyze_repository_structure(
    repo_url="https://gitlab.com/user/repo",
    gitlab_credentials={"api_key": "your-token"},  # Optional
    branch="main"  # Optional
)

# Perform code quality analysis
analyze_code_quality(
    repo_url="https://gitlab.com/user/repo",
    language="python"  # Optional, will auto-detect if not specified
)

# Security scan
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

# Compare changes
compare_git_changes(
    repo_url="https://gitlab.com/user/repo",
    source="feature-branch",
    target="main"
)

# Security scan repository
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

### MCP Configuration

```json
{
    "command": "uvx",
    "args": [
        "--from",
        "git+https://github.com/athapong/argus",
        "argus"
    ],
    "alwaysAllow": [
        "get_commit_history",
        "enumerate_branches",
        "compare_git_changes",
        "analyze_code_quality",
        "security_scan_repository"  
    ],
    "timeout": 300
}

Supported Analysis Tools

Language	Tools	Installation
Go	gocyclo, golangci-lint	`go install github.com/fzipp/gocyclo/cmd/gocyclo@latest`
Java	PMD	macOS: `brew install pmd`, Linux: Auto-installed
Python	Pylint, Bandit	Auto-installed via dependencies
JavaScript	ESLint	`npm install -g eslint`

Environment Variables

SKIP_SYSTEM_CHECK: Set to any value to skip system dependency checks
PATH: Automatically updated for tool installations

Error Handling

The tool provides detailed error messages and graceful fallbacks:

Dependency installation failures show warnings instead of errors
Language detection falls back to specified language if auto-detection fails
Tool execution errors are captured in the response structure

License

MIT License

Contributing

Fork the repository
Create your feature branch
Commit your changes
Push to the branch
Create a new Pull Request

This server cannot be installed

security - not tested

license - permissive license

quality - not tested

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

A Model Context Protocol tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.

Related Resources

Reddit Discussion about this server

Related MCP Servers

code-index-mcp
johnhuang316
A
security
A
license
A
quality
A Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
Last updated -
11
106
Python
MIT License
SafetyCulture MCP Server
zerubroberts
-
security
F
license
-
quality
A Model Context Protocol server that allows users to query and analyze their SafetyCulture inspection data using natural language after providing an API key.
Last updated -
Python
CodeAnalysis MCP Server
0xjcf
A
security
F
license
A
quality
A comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.
Last updated -
28
4
Python
Code Merge MCP
yy1588133
A
security
A
license
A
quality
A Model Context Protocol server that helps large language models process code repositories by providing file tree generation, code merging, and code analysis capabilities.
Last updated -
3
20
JavaScript
MIT License

View all related MCP servers