Argos

Argus - Repository Analysis and Security Assessment Tool

A powerful Model Context Protocol (MCP) tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.

Features

Multi-Language Support
- Go: gocyclo, golangci-lint analysis
- Java: PMD static analysis
- Python: Pylint, Bandit security checks
- JavaScript/TypeScript: ESLint analysis
- Automatic language detection
Security Scanning
- Integrated Trivy vulnerability scanner
- Comprehensive security reports
- Support for multiple branches
Git Operations
- Branch enumeration and management
- Commit history analysis
- Diff comparisons
- Repository structure visualization

Installation

Prerequisites

Python 3.8+
Git
libmagic (system dependency)

System Dependencies

macOS

brew install libmagic

Linux (Ubuntu/Debian)

sudo apt-get update
sudo apt-get install -y libmagic1

Installation via uv

uvx argus

Usage

Basic MCP Commands

# Analyze repository structure
analyze_repository_structure(
    repo_url="https://gitlab.com/user/repo",
    gitlab_credentials={"api_key": "your-token"},  # Optional
    branch="main"  # Optional
)

# Perform code quality analysis
analyze_code_quality(
    repo_url="https://gitlab.com/user/repo",
    language="python"  # Optional, will auto-detect if not specified
)

# Security scan
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

# Compare changes
compare_git_changes(
    repo_url="https://gitlab.com/user/repo",
    source="feature-branch",
    target="main"
)

# Security scan repository
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

### MCP Configuration

```json
{
    "command": "uvx",
    "args": [
        "--from",
        "git+https://github.com/athapong/argus",
        "argus"
    ],
    "alwaysAllow": [
        "get_commit_history",
        "enumerate_branches",
        "compare_git_changes",
        "analyze_code_quality",
        "security_scan_repository"  
    ],
    "timeout": 300
}

Supported Analysis Tools

Language	Tools	Installation
Go	gocyclo, golangci-lint	`go install github.com/fzipp/gocyclo/cmd/gocyclo@latest`
Java	PMD	macOS: `brew install pmd`, Linux: Auto-installed
Python	Pylint, Bandit	Auto-installed via dependencies
JavaScript	ESLint	`npm install -g eslint`

Environment Variables

SKIP_SYSTEM_CHECK: Set to any value to skip system dependency checks
PATH: Automatically updated for tool installations

Error Handling

The tool provides detailed error messages and graceful fallbacks:

Dependency installation failures show warnings instead of errors
Language detection falls back to specified language if auto-detection fails
Tool execution errors are captured in the response structure

License

MIT License

Contributing

Fork the repository
Create your feature branch
Commit your changes
Push to the branch
Create a new Pull Request

This server cannot be installed

security - not tested

license - permissive license

quality - not tested

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Una herramienta de protocolo de contexto de modelo para analizar repositorios de código, realizar análisis de seguridad y evaluar la calidad del código en múltiples lenguajes de programación.

Related Resources

Reddit Discussion about this server

Related MCP Servers

code-index-mcp
johnhuang316
A
security
A
license
A
quality
A Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
Last updated -
12
321
MIT License
SafetyCulture MCP Server
zerubroberts
-
security
F
license
-
quality
A Model Context Protocol server that allows users to query and analyze their SafetyCulture inspection data using natural language after providing an API key.
Last updated -
CodeAnalysis MCP Server
0xjcf
A
security
F
license
A
quality
A comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.
Last updated -
28
4
Code Merge MCP
yy1588133
A
security
A
license
A
quality
A Model Context Protocol server that helps large language models process code repositories by providing file tree generation, code merging, and code analysis capabilities.
Last updated -
3
22
MIT License

View all related MCP servers

Argus