Servidoressemgrep/semgrep

semgrep/semgrep

Criado em 2025-03-31

Código Aberto Visitar Servidor

[beta] Use Semgrep in LLMs using MCP framework

Informação

[beta] Semgrep MCP Server

MCP Server for using Semgrep to scan code.

Demo

MCP is like LSP or Unix pipes for LLMs, AI Agents, and coding tools such as Cursor.

Features

This MCP Server provides a comprehensive interface to Semgrep through the Model Context Protocol, offering the following tools:

Scanning Code

semgrep_scan: Scan code snippets for security vulnerabilities
scan_directory: Perform Semgrep scan on a directory

Customization

list_rules: List available Semgrep rules with optional language filtering
create_rule: Create custom Semgrep rules

Results

analyze_results: Analyze scan results including severity counts and top affected files
filter_results: Filter scan results by severity, rule ID, file path, etc.
export_results: Export scan results in various formats (JSON, SARIF, text)
compare_results: Compare two scan results to identify new and fixed issues

Installation

CLI

Install uv using their installation instructions
Ensure you have Python 3.13+ installed
Clone this repository
Install Semgrep (additional methods):
```
pip install semgrep
```

Docker

docker build -t mcp-server .

Usage

CLI

uv run mcp run server.py -t sse

Additional info on the python mcp sdk

Docker

docker run -p 8000:8000 mcp-server

Also published to ghcr.io/semgrep/mcp.

docker run -p 8000:8000 ghcr.io/semgrep/mcp:latest

Creating your own client

from mcp.client import Client

client = Client()
client.connect("localhost:8000")

# Scan code for security issues
results = client.call_tool("semgrep_scan", {
    "code": "def get_user(user_id):\n    return User.objects.get(id=user_id)",
    "language": "python"
})

Cursor Plugin

Go to Cursor > Settings > Cursor Settings
Choose the MCP tab
Click "Add new MCP server"
Name: Semgrep, Type: sse, Server URL: http://127.0.0.1:8000/sse
Ensure the MCP server is enabled

cursor MCP settings

You can also set it up by adding this to ~/.cursor/mcp.json

{
  "mcpServers": {
    "Semgrep": {
      "url": "http://localhost:8000/sse"
    }
  }
}

Advanced Usage

The server supports advanced Semgrep functionality:

# Scan an entire directory
results = client.call_tool("scan_directory", {
    "path": "/path/to/code",
    "config": "p/security-audit"
})

# Filter results by severity
filtered = client.call_tool("filter_results", {
    "results_file": "/path/to/results.json",
    "severity": "ERROR"
})

Developlment

Running the Development Server

Start the MCP server in development mode:

uv run mcp dev server.py

By default, the server runs on http://localhost:3000 with the inspector server on http://localhost:5173.

Note: When opening the inspector sever, add query parameters to the url to increase the default timeout of the server from 10s

http://localhost:5173/?timeout=300000

This project builds upon and is inspired by several awesome community projects:

Core Technologies 🛠️

Semgrep - The underlying static analysis engine that powers this project
Model Context Protocol (MCP) - The protocol that enables AI agent communication

Similar Tools 🔍

semgrep-vscode - Official VSCode extension for Semgrep
semgrep-intellij - IntelliJ plugin for Semgrep

Community Projects 🌟

semgrep-rules - The official collection of Semgrep rules
mcp-server-semgrep - Original inspiration written by Szowesgad and stefanskiasan

MCP Server Registries

Glama

MCP.so

Servidores MCP Recomendados

agent-toolkit-modelcontextprotocol

An open-source agent toolkit that auto-syncs SDK versions, docs, and examples—built for seamless integration with LLMs, and AI agents ( MCP compatible).

filestash-plg_handler_mcp

A comprehensive set of PDF manipulation tools built with the Model Context Protocol (MCP) framework.