Run static code analysis on provided files using Semgrep to detect vulnerabilities and return findings in JSON format for detailed inspection and remediation.
MIT
204,191 tools. Last updated 2026-06-14 22:53
"Semgrep static analysis tool" matching MCP tools:
- Retrieve a list of programming languages supported by Semgrep to ensure compatibility and targeted code analysis for security vulnerabilities.MIT
- Runs SAST security scans on source code via Semgrep, detecting SQL injection, XSS, command injection, and hardcoded credentials with CWE classifications.Apache 2.0
- Find available Semgrep static analysis rules, optionally filtering by programming language to discover security and code quality checks for your project.MIT
- Scan a directory for security vulnerabilities and code quality issues using Semgrep static analysis. Specify the absolute directory path and optionally choose a rule configuration.MIT
- Search static analysis findings by project, tool, rule, severity, or file path to quickly locate specific code issues.MIT
Matching MCP Servers
- AlicenseBqualityAmaintenanceA Model Context Protocol compliant server that integrates Semgrep static analysis tool with AI assistants like Anthropic Claude, enabling advanced code analysis, security vulnerability detection, and code quality improvements through a conversational interface.Last updated731028MIT
- Alicense-qualityDmaintenanceEnables integration of Semgrep in development environments via the MCP protocol, supporting static code analysis, rule management, and scan result operations.Last updated2MIT
Matching MCP Connectors
MCP server for SEO and web analysis data including keyword rankings, backlink profiles, site audits, and traffic analytics for AI agents.
Site crawl + tech stack + DNS + SSL + WHOIS — five web-intel layers in one MCP.
- Analyze source code for security vulnerabilities using semgrep-powered static application security testing.MIT
- Create a new Semgrep rule to detect code patterns by specifying a search pattern, target language, and message. Output the rule to a file for use in static analysis.MIT
- Execute static code analysis using tsc and semgrep to detect issues in TypeScript and other code, returning structured findings for review.
- Retrieve static information for securities: symbol, names in Chinese and English, exchange, type, lot size, listed date, and delisted status.MIT
- Run configured quality gates (PHPStan, Rector, ECS) to confirm static-analysis and style checks pass before committing.MIT
- Scores Python source files against the Tool Definition Quality Score rubric to catch low-quality MCP tool docstrings before publishing.MIT
- Run static policy checks on Go repository graphs to detect package layer violations, API drift, complex functions, and untested symbols. Returns structured results for PR review or pre-commit analysis.MIT
- Reserved placeholder for future deep-dive analysis. Currently returns a planned status message; no analysis performed.MIT
- Restarts a local YDB profile: stops dynamic and static containers, starts the static node, ensures the configured tenant, then starts the dynamic node. Use after config or runtime changes; omit confirm to preview the restart plan.MIT
- Builds a Storybook static site for an existing project, or returns setup guidance if Storybook is not configured.MIT
- Deploy a static website from an archive file to a hosting server. The archive must contain pre-built HTML, CSS, and JavaScript files ready to serve, with no build process required.MIT
- Identify file types and get recommended REMnux malware analysis tools to plan investigation strategies before execution.GPL 3.0
- Bootstraps a plain local YDB root database with a static node. Provides a preflight plan by default; set confirm=true to execute.MIT
- Read recent Docker logs from local-ydb static or dynamic containers to troubleshoot bootstrap, restart, or readiness check failures.MIT