Loading connector details…
Semgrep MCP Server
MCPOfficialOpen SourceMIT79.8
by semgrep • Workflow & Task Management
An MCP server that exposes Semgrep's static analysis capabilities to LLMs, IDEs, and agents for scanning code and generating/using Semgrep rules to find security vulnerabilities.
Example Use Cases
- 1
Scan code (including generated code) for security vulnerabilities using Semgrep rules and return deterministic findings.
- 2
Generate, test, and apply custom Semgrep rules programmatically to enforce project-specific security or quality checks.
- 3
Retrieve Semgrep AppSec Platform findings, rule schemas, or AST representations to inform remediation or code understanding workflows.
Description
This MCP server provides tools to run Semgrep scans, create and apply custom Semgrep rules, output ASTs, and fetch findings from the Semgrep AppSec Platform. It supports multiple MCP transports (stdio, SSE, streamable HTTP) and integrates with Cursor, VS Code, ChatGPT, Claude, and other MCP-capable clients. The server is distributed as a Python package and Docker container, enabling easy local or hosted deployment and automation within agent workflows.
Quick Actions
Security
Scanned 3 month(s) agoRisk Level
MINIMAL
Read-only data retrieval, no side effects
Trust Score
D44/100
4/17 checks passed
Scores are informational only and provided “as is” without warranty. AgentHotspot assumes no liability for actions taken based on these ratings.
Quick Stats
Service TypeMCP
Pricing ModelFree
Capabilities0 Tools / 0 Prompts / 0 Resources
Ownersemgrep
CategoryWorkflow & Task Management
DependenciesStandalone
Tags
Code securityStatic analysisRule managementRemediation workflowVulnerabilities