drio
Open app

MCP Server Semgrep

Source

MCP Server Semgrep is a [Model Context Protocol](

Catalog onlyCatalog onlySTDIO

Overview

MCP Server Semgrep is a Model Context Protocol compliant server that integrates the Semgrep static analysis tool with AI assistants like Anthropic Claude, enabling advanced code analysis, security vulnerability detection, and code quality improvements through a conversational interface.

To use MCP Server Semgrep, clone the repository from GitHub, install the necessary dependencies, and set up the integration with Claude Desktop to start analyzing your code.

  • Holistic source code analysis across entire projects. - Proactive error detection and continuous code quality improvement. - Automated code verification for known vulnerabilities. - Customizable security rules and team education on secure programming practices. - Live documentation and technical debt reduction.
  1. Code security analysis before deployment.
  2. Detection of common programming errors.
  3. Enforcing coding standards within a team.
  4. Refactoring and improving the quality of existing code.
  5. Developer education regarding best practices.

Add to your AI client

Use these steps to connect MCP Server Semgrep in Cursor, Claude, VS Code, and other MCP-compatible apps. The same JSON appears in the Use with menu above for one-click copy.

Cursor

Add this to your .cursor/mcp.json file in your project root, then restart Cursor.

.cursor/mcp.json

{
  "mcpServers": {
    "mcp-server-semgrep-szowesgad": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

Claude Desktop

Add this server entry to the mcpServers object in your Claude Desktop config, then restart the app.

~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows)

{
  "mcpServers": {
    "mcp-server-semgrep-szowesgad": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

Claude Code

Add this to your project's .mcp.json file. Claude Code will detect it automatically.

.mcp.json (project root)

{
  "mcpServers": {
    "mcp-server-semgrep-szowesgad": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

VS Code (Copilot)

Add this to your .vscode/mcp.json file. Requires the GitHub Copilot extension with MCP support enabled.

.vscode/mcp.json

{
  "servers": {
    "mcp-server-semgrep-szowesgad": {
      "type": "stdio",
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

Windsurf

Add this to your Windsurf MCP config file, then restart Windsurf.

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "mcp-server-semgrep-szowesgad": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

Cline

Open Cline settings, navigate to MCP Servers, and add this server configuration.

Cline MCP Settings (via UI)

{
  "mcpServers": {
    "mcp-server-semgrep-szowesgad": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-mcp-server-semgrep-szowesgad"
      ]
    }
  }
}

FAQ

Can MCP Server Semgrep detect all types of vulnerabilities?

Yes, it can detect a wide range of vulnerabilities based on the rules defined.

Is MCP Server Semgrep free to use?

Yes, it is open-source and available for free on GitHub.

What programming languages does MCP Server Semgrep support?

It supports multiple languages including JavaScript, TypeScript, CSS, and more.7:["$","div",null,{"className":"container mx-auto flex flex-col gap-4","children":["$L26","$L27",["$","$L28",null,{"currentProject":{"id":2201,"uuid":"6df441c8-de27-4352-848e-545b317cc1db","name":"mcp-server-semgrep","title":"MCP Server Semgrep","description":"MCP Server Semgrep is a [Model Context Protocol](","avatar_url":"https://avatars.githubusercontent.com/u/155201063?v=4","created_at":"2025-03-09T04:08:30.856Z","updated_at":"2025-03-12T10:19:31.867Z","status":"created","author_name":"Szowesgad","author_avatar_url":"https://avatars.githubusercontent.com/u/155201063?v=4","tags":"semgrep,anthropic-claude,modelcontextprotocol","category":"developer-tools","is_featured":false,"sort":1,"url":"https://github.com/Szowesgad/mcp-server-semgrep","target":"_self","content":"$29","summary":"$2a","img_url":"https://camo.githubusercontent.com/50a9d86055205cd7f80bd0d065364fe2bba9f5fc79e42e7b8af28c40d72c3bd9/68747470733a2f2f736d6974686572792e61692f62616467652f40537a6f7765736761642f6d63702d7365727665722d73656d67726570","type":null,"metadata":"{\"star\":\"4\",\"license\":\"MIT license\",\"language\":\"JavaScript\",\"is_official\":false,\"latest_commit_time\":\"2025-03-20 08:54:00\"}","user_uuid":"078fedbc-d781-4877-b031-daee3efea2c0","tools":null,"sse_url":null,"sse_provider":null,"sse_params":null,"is_official":false,"server_command":null,"server_params":null,"server_config":null,"allow_call":false,"is_innovation":false,"is_dxt":false,"dxt_manifest":null,"dxt_file_url":null,"is_audit":false},"randomProjects":[],"currentServerKey":"$undefined"}]]}]

Developer tools