CodeQL static analysis tool and semantic code analysis platform

Glama

Search for:

CodeQL static analysis tool and semantic code analysis platform

View all MCP Servers

Why this server?
This server directly integrates with Semgrep, a static analysis tool, to scan code for security vulnerabilities and analyze scan results. This aligns perfectly with CodeQL's purpose of code security analysis.
Semgrep MCP Serverofficial
semgrep
A
security
A
license
A
quality
An MCP server that provides a comprehensive interface to Semgrep, enabling users to scan code for security vulnerabilities, create custom rules, and analyze scan results through the Model Context Protocol.
Last updated -
6
528
MIT License
Why this server?
This server offers comprehensive security auditing, penetration testing, and compliance validation, explicitly mentioning tools like Semgrep and Trivy which are directly related to the kind of code security analysis CodeQL performs.
MCP Shamash
TheAgencyInstitute
-
security
-
license
-
quality
Enables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.
Last updated -
Why this server?
Focused on Python code security analysis, this server enables AI tools to detect potential vulnerabilities like SQL injection and XSS by identifying tainted data flows, a core function similar to CodeQL's capabilities.
Lanalyzer MCP Server
bayuncao
-
security
A
license
-
quality
Provides Python code security analysis through the Model Context Protocol, enabling AI tools to detect potential vulnerabilities like SQL injection and XSS by identifying tainted data flows from untrusted sources to sensitive operations.
Last updated -
34
AGPL 3.0
Why this server?
Providing Trivy security scanning, this server allows scanning projects for vulnerabilities and recommending fixes, directly matching CodeQL's area of vulnerability detection.
Trivy Security Scanner MCP Server
norbinsh
-
security
A
license
-
quality
Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.
Last updated -
10
MIT License
Why this server?
This server offers comprehensive code analysis including quality assessment and security vulnerability detection, which are key aspects of what CodeQL aims to achieve.
Smart Code Reviewer
renjismzy
-
security
A
license
-
quality
Enables comprehensive code analysis including quality assessment, security vulnerability detection, refactoring suggestions, complexity calculations, and automatic documentation generation for multiple programming languages.
Last updated -
5
MIT License
Why this server?
Specializing in comprehensive security vulnerability scanning and code quality analysis for Python applications, this server is highly relevant to CodeQL's functionality for specific language ecosystems.
Python Code Review MCP Agent
JJJHoons
-
security
F
license
-
quality
Enables comprehensive security vulnerability scanning and code quality analysis for Python applications. Provides detailed reports with scoring, actionable suggestions, and comparison tracking specifically designed for backend developers working with frameworks like Django, Flask, and FastAPI.
Last updated -
5
Why this server?
This server integrates with GitHub Advanced Security to load and present security alerts, including Code Security Alerts, directly correlating with the output and concerns of CodeQL.
GHAS MCP server (GitHub Advanced Security)
rajbos
A
security
F
license
A
quality
This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts
Last updated -
3
4
5
Why this server?
This server focuses on secure development by listing CVEs (Common Vulnerabilities and Exposures) and their affected/fix versions, which is crucial information for any code vulnerability analysis tool like CodeQL.
OSV
EdenYavin
A
security
A
license
A
quality
The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.
Last updated -
4
2
MIT License
Why this server?
This server enables AI agents to retrieve and understand entire codebases, a foundational capability required for deep static analysis tools like CodeQL to operate effectively across a project.
Codebase MCP
DeDeveloper23
A
security
A
license
A
quality
A Model Context Protocol server that enables AI agents to retrieve and understand entire codebases at once, providing tools to analyze local workspaces or remote GitHub repositories.
Last updated -
3
52
MIT License
Why this server?
This server enables understanding and analyzing code structure through function call graphs and dependencies in Python repositories, which is a key part of the semantic analysis performed by CodeQL.
Nuanced MCP Server
mattmorgis
A
security
F
license
A
quality
An MCP server that enables LLMs to understand and analyze code structure through function call graphs, allowing AI assistants to explore relationships between functions and analyze dependencies in Python repositories.
Last updated -
6
12

CodeQL static analysis tool and semantic code analysis platform

Semgrep MCP Serverofficial