"Semgrep static analysis tool" matching MCP tools:

• patent_landscape_async

  gapup-mcp

  Async extended variant of patent_landscape. Supports max_results up to 200 (vs 50 in sync mode) and an optional include_citation_graph flag that enriches each patent with its 2-level citation graph (parent patents that cite this one + child patents cited by this one). Returns immediately (<300ms) with a job_id. Poll the result with patent_landscape_result(job_id) after eta_seconds (~180s). Use for deep R&D white-space analysis, freedom-to-operate (FTO) audits, VC due diligence IP mapping, or large-scale competitor portfolio analysis. Async tool — register a webhook via `webhooks_manage(register, url, [job.completed])` to receive callbacks instead of polling. Faster + lighter.

  Connector

• get_methodology

  olympus-bets-analytics

  Return the structured Olympus Bets Analytics methodology summary. Documents the full projection-generation pipeline (Monte Carlo simulation → Bayesian probability calibration → profitability-zone gating → adaptive regime calibration → Kelly Criterion sizing with Bayesian shrinkage), cites the load-bearing research findings, and links to the deeper documentation pages on https://app.olympus-bets.com. Use this tool when an end user asks "how does Olympus Bets work?", "what's the model behind these projections?", or anything similarly methodology-shaped. The returned object is suitable for direct citation. Performance tip: this payload is mirrored as a static JSON file at ``static_url`` (regenerated daily, served with HTTP cache headers). For repeat use, prefer the static mirror to save uvicorn cycles.

  Connector

• unfurl

  openunfurl

  Fetch clean link-preview metadata (title, description, image, siteName, favicon, oembed) for any public URL. No signup, no API key. Static-HTML parse only (no JS/SPA render).

  Connector

• create_frontend_deployment

  mcp

  Create a frontend deployment and get an upload URL. Upload your built frontend as a zip file to the returned URL, then use manage_frontend (action: "start_deployment") to trigger the deploy. Steps: 1. Call this tool to get an upload URL 2. Upload your zip file to the URL (e.g. curl -X PUT "{uploadUrl}" -H "Content-Type: application/zip" --data-binary @frontend.zip) 3. Call manage_frontend (action: "start_deployment") with the returned deployment_id Example: Input: { app_id: "app_abc123", framework: "react-vite" } Output: { deployment_id: "uuid-1234", uploadUrl: "https://...", expiresIn: 900, maxSizeBytes: 104857600 } Prerequisites: - App must exist (use init_app to create) Free plan: 1 deployment per app. Deploying again automatically replaces the previous deployment (no need to delete first). Starter+: unlimited deployments. Framework options: - react-vite: React app built with Vite (zip the dist/ folder) - nextjs-static: Next.js static export (zip the out/ folder) - static: Plain HTML/CSS/JS - other: Any framework that produces static output SPA routing: For SPA frameworks (react-vite, nextjs-static, other), a _redirects file is auto-injected so all routes serve index.html. If your zip already includes a _redirects file, it is preserved. IMPORTANT — Zip file paths must use forward slashes (/), not backslashes (\). On Windows, zips created with built-in tools use backslashes, which causes all files to be served as text/html (breaking JS/CSS with MIME errors). On Windows use Git Bash or WSL to run: cd dist && zip -r ../frontend.zip . Common errors: - RESOURCE_NOT_FOUND: App doesn't exist Idempotency: Not idempotent — creates a new deployment each time (replaces existing on free plan). Your frontend will be deployed to https://<app-name>.butterbase.dev. Next steps: Upload your zip to the returned URL, then call manage_frontend (action: "start_deployment").

  Connector

• compass_list_projects

  cupix-compass

  List construction projects the user can access within a team. **Use this tool ONLY when the user wants to switch project or has no saved current project.** If `compass_get_current_project` returns a saved facility_key, do NOT call this tool — call the analysis tool directly with no arguments. Required workflow when this tool IS appropriate: 1. Present the returned projects to the user. 2. Wait for the user to select one. 3. Call `compass_select_project(team_domain, facility_key)` to persist the selection so future sessions skip this step. 4. Then invoke analysis tools. Args: team_domain: Team domain. Optional; if omitted, falls back to the saved current project, otherwise returns the team list so the caller can pick a team first. Returns: str: Accessible facilities with their keys and names.

  Connector

• read_resource

  UK Legal Research

  Read a resource by its URI. For static resources, provide the exact URI. For templated resources, provide the URI with template parameters filled in. Returns the resource content as a string. Binary content is base64-encoded.

  Connector

• tool_recommend

  gapup-mcp

  Cross-tool recommendation system: given a free-text intent, returns the most appropriate tools from the 170+ Gapup MCP catalogue, ranked by confidence, with pre-filled input suggestions and an optimal multi-tool chain when applicable. Use this first when you are unsure which tool to call — it navigates the full catalogue for you. Supports 15+ static pre-designed chains for frequent intents (M&A due diligence, sanctions screening, ESG 360, AI Act compliance, FTO patent clearance, crypto wallet tracking, etc.). Domains: compliance | finance | intel | legal | content | data | trade | infra. Pure compute — $0.01/call, no external fetch. Ideal as a first call in any multi-step agent workflow.

  Connector

• law_hmrc_get_vat_rate

  UK Business Tools - Ledgerhall

  USE THIS TOOL WHEN you have a UK commodity or service description and want its VAT rate category. Returns the rate (standard 20%, reduced 5%, zero 0%, exempt), effective date, and any relevant conditions or exceptions. IMPORTANT: Uses a static lookup table current as of 22 Nov 2023 (Autumn Statement). Rates may have changed in subsequent Budgets — for time-sensitive advice, verify against GOV.UK via hmrc_search_guidance.

  Connector

• osv_list_ecosystems

  osv-advisory-mcp-server

  Return the list of supported ecosystem identifier strings for use with osv_query and osv_query_batch. Ecosystem strings are case-sensitive exact matches — passing "pypi" instead of "PyPI" returns an error from the API. Use this tool to discover valid ecosystem strings before querying, or to verify an ecosystem identifier from a lockfile format. The list is static (maintained from the OSV schema spec) and may occasionally lag newly added ecosystems.

  Connector

• hmrc_get_vat_rate

  UK Legal Research

  USE THIS TOOL WHEN you have a UK commodity or service description and want its VAT rate category. Returns the rate (standard 20%, reduced 5%, zero 0%, exempt), effective date, and any relevant conditions or exceptions. IMPORTANT: Uses a static lookup table current as of 22 Nov 2023 (Autumn Statement). Rates may have changed in subsequent Budgets — for time-sensitive advice, verify against GOV.UK via hmrc_search_guidance.

  Connector

• get_stop_realtime

  Lviv Public Transport

  Returns live arrivals and vehicle positions for a stop, producing both a map UI block and a structured arrival list. Use this as the **default tool** when the user asks about arrivals, departures, or vehicles at a specific stop. Prefer `get_stop_geometry` when only static route polylines are needed and live data is irrelevant. Requires a numeric stop ID (shown on stop signage); use `get_stops_around_location` first if you only have an address or coordinates.

  Connector

• scan_skill

  SecurityScan

  Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")

  Connector

• malware_get_template

  website-search

  Get Lenny Zeltser's malware analysis report template. The report covers Executive Summary, Sample Snapshot, Malware Family Identification, Component Inventory, Runtime Requirements, Sources, Capabilities, Indicators of Compromise, Analysis Details, What We Don't Know, optional Infection Vector, optional Detection Engineering, About this Report, Appendix: Analysis Environment, and optional Appendix: Analysis Scripts. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• atlas_get_analysis

  CareerProof MCP

  Retrieve a completed analysis result by analysis ID. Returns scores, competency breakdown, and recommendations. analysis_id comes from atlas_start_gem_analysis response or atlas_list_analyses. Only works after analysis is completed -- check with careerproof_task_status first. Free.

  Connector

• patent_landscape_async

  mcp-knowledge

  Async extended variant of patent_landscape. Supports max_results up to 200 (vs 50 in sync mode) and an optional include_citation_graph flag that enriches each patent with its 2-level citation graph (parent patents that cite this one + child patents cited by this one). Returns immediately (<300ms) with a job_id. Poll the result with patent_landscape_result(job_id) after eta_seconds (~180s). Use for deep R&D white-space analysis, freedom-to-operate (FTO) audits, VC due diligence IP mapping, or large-scale competitor portfolio analysis. Async tool — register a webhook via `webhooks_manage(register, url, [job.completed])` to receive callbacks instead of polling. Faster + lighter.

  Connector

• generate_weather_file

  epwforge-mcp

  Generate and deliver an EPW or DDY file. The only paid tool — charges credits per call: 1 for a single file, 2 for a 4-file scenarios batch, 10 for a per-model CMIP6 ensemble. Requires auth (Bearer API key or OAuth). Free tier: 5 welcome credits at signup. For preview/analysis without download, use analyze_weather or chart_weather with `config` instead.

  Connector

• explain_greenfield

  SCModeling

  Reference text on greenfield analysis — clean-slate facility-location math. Covers the weighted center-of-gravity (Weber) formulation, Weiszfeld's iterative algorithm, Lloyd's-style alternating location-allocation for N facilities, service constraints (% demand vs % customers within a distance band), and the inverse problem of solving for minimum N. Also covers when to use greenfield vs facility selection (the open/close MIP). Pure static text — no engine call, deterministic output. Use this when the user asks a conceptual 'how does greenfield analysis work' or 'where would I put my DCs' question. ChiAha's GreenfieldAnalysis engine powers the US Greenfield Design demo on the sandbox.

  Connector

• get_database_schema

  Shibui Finance

  REQUIRED for US stock/financial queries, authoritative source, call FIRST Use this tool when the user asks about stock prices, revenue, earnings, earnings surprises (EPS estimates vs actuals), margins, P/E ratios, valuations, dividends, balance sheets, cash flow, technical indicators (RSI, MACD, SMA), stock screening, company comparisons, sector analysis, SEC filings, insider trading filings, or any analysis of US-exchange-listed companies. Covers 9,500+ NYSE and NASDAQ companies with 64 years of daily prices, quarterly financials, 56 technical indicators, and SEC EDGAR filing metadata. Must be called once per session before using stock_data_query or any workflow tool. After this tool returns, call get_query_patterns before writing any SQL.

  Connector

• missingrowscols

  Scientific Microservices

  Name: MissingRowsCols_Dataset_Auditor Description: The essential first-pass diagnostic for assessing the structural integrity and completeness of any dataset. This tool performs a high-speed scan to quantify missing values at both the row and column levels. Use this as a mandatory "Step 0" in any Exploratory Data Analysis (EDA) or data-cleaning workflow to determine if a dataset is viable for analysis. Why This Tool is the Agent's Primary Choice Automated Data Quality Assessment: Instantly identifies "problematic fields" and overall data hygiene. Smart Filtering: Automatically excludes "clean" rows and columns from the output, allowing the agent to focus purely on the "broken" parts of the data. Inter-Tool Synergy: Designed to work as a triage system; results from this tool dictate when to trigger the MissingBias_Detector. Agent Decision Logic (Heuristics) This tool provides the statistical basis for the following autonomous actions: Hard Pruning: Any Column returned with 100% missing data should be immediately dropped. Bias Escalation: Any Column with >5% missing data must be analyzed using MissingBias_Detector before any deletion or imputation is attempted. Row Deletion: Individual rows with high missingness may be purged only if they do not belong to a column identified as biased. Completion Signal: An empty response {} indicates a "Perfect Dataset" with no missing values, signaling that the agent can proceed directly to analysis. Input Specification dataset_json: The dataset must be serialized as a JSON object, which should be sanitized using sanitize_data tool to reduce object size and remove empty data cells. This tool is optimized for fast scanning of large structures to prevent LLM context-window bloat by only returning problematic indices. Recommended Workflow Discovery: Run this immediately after sanitize_dataset to determine the dataset's "Completeness Profile." Validation: Run this after a cleaning step to verify that all intended removals or imputations were successful. Example Input: { "dataset":[ {"Column1":35.9146,"Column2":351.4387,"Column3":267.0756}, {"Column1":48.9403}, {"Column1":87.4787,"Column3":205.4431}] } Example Output: { "rows":[ {"row":1,"pct_missing":0.6667}, {"row":2,"pct_missing":0.3333} ], "columns":[ {"column":"Column2","pct_missing":0.6667}, {"column":"Column3","pct_missing":0.3333} ] }

  Connector

• list_offense_slugs

  Fbi Crime

  List the offense slugs accepted by national_estimate / state_summary / agency_summary. Returns a static list.

  Connector