Performs static code analysis for JavaScript/TypeScript projects to identify code quality issues
Enables branch enumeration, commit history analysis, diff comparisons, and repository structure visualization
Allows repository analysis and security scanning for GitHub repositories
Supports repository analysis and security scanning with optional authentication via API tokens
Provides code quality analysis and security scanning for JavaScript codebases
Supports running on Linux environments with appropriate system dependency installation
Supports running on macOS environments with appropriate system dependency installation
Provides code quality analysis with Pylint and security checks with Bandit for Python codebases
Integrated vulnerability scanner for comprehensive security reports across repositories
Provides code quality analysis and security scanning for TypeScript codebases
Supports running on Ubuntu with specific installation instructions for required dependencies
Argus - Repository Analysis and Security Assessment Tool
A powerful Model Context Protocol (MCP) tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.
Features
- Multi-Language Support
- Go: gocyclo, golangci-lint analysis
- Java: PMD static analysis
- Python: Pylint, Bandit security checks
- JavaScript/TypeScript: ESLint analysis
- Automatic language detection
- Security Scanning
- Integrated Trivy vulnerability scanner
- Comprehensive security reports
- Support for multiple branches
- Git Operations
- Branch enumeration and management
- Commit history analysis
- Diff comparisons
- Repository structure visualization
Installation
Prerequisites
- Python 3.8+
- Git
- libmagic (system dependency)
System Dependencies
macOS
Linux (Ubuntu/Debian)
Installation via uv
Usage
Basic MCP Commands
Supported Analysis Tools
Language | Tools | Installation |
---|---|---|
Go | gocyclo, golangci-lint | go install github.com/fzipp/gocyclo/cmd/gocyclo@latest |
Java | PMD | macOS: brew install pmd , Linux: Auto-installed |
Python | Pylint, Bandit | Auto-installed via dependencies |
JavaScript | ESLint | npm install -g eslint |
Environment Variables
SKIP_SYSTEM_CHECK
: Set to any value to skip system dependency checksPATH
: Automatically updated for tool installations
Error Handling
The tool provides detailed error messages and graceful fallbacks:
- Dependency installation failures show warnings instead of errors
- Language detection falls back to specified language if auto-detection fails
- Tool execution errors are captured in the response structure
License
MIT License
Contributing
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Create a new Pull Request
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
A Model Context Protocol tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.
- Features
- Installation
- Usage
- Supported Analysis Tools
- Environment Variables
- Error Handling
- License
- Contributing
Related Resources
Related MCP Servers
- AsecurityAlicenseAqualityA Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setupLast updated -11106PythonMIT License
- -securityFlicense-qualityA Model Context Protocol server that allows users to query and analyze their SafetyCulture inspection data using natural language after providing an API key.Last updated -Python
- AsecurityFlicenseAqualityA comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.Last updated -284Python
- AsecurityAlicenseAqualityA Model Context Protocol server that helps large language models process code repositories by providing file tree generation, code merging, and code analysis capabilities.Last updated -320JavaScriptMIT License