Community MCP server for Semgrep static analysis tool. Agents can scan codebases for security vulnerabilities, detect common bugs and anti-patterns, enforce coding standards with custom rules, and generate compliance reports. Supports 30+ programming languages with community and pro rulesets. Essential for security-focused development agents performing automated code review.
npx -y @semgrep/mcp-server
{
"mcpServers": {
"semgrep": {
"env": {
"SEMGREP_APP_TOKEN": "your-token"
},
"args": [
"-y",
"@semgrep/mcp-server"
],
"command": "npx"
}
}
}Tool details coming soon. This server has 4 tools available.
Community MCP server for Semgrep static analysis tool. Agents can scan codebases for security vulnerabilities, detect common bugs and anti-patterns, enforce coding standards with custom rules, and generate compliance reports. Supports 30+ programming languages with community and pro rulesets. Essential for security-focused development agents performing automated code review.
Semgrep has 4 tools available.
Semgrep offers a free tier with 200 calls per month. For higher usage, paid plans start at €0/month.
You can install Semgrep using the following command: npx -y @semgrep/mcp-server. After installation, add the provided config snippet to your Claude Desktop or Cursor configuration.
Semgrep is listed under the security category in the AgentForge MCP registry.
Semgrep has a current uptime of 99.85% with an average response time of 800ms.
To connect Semgrep, click the "Connect Agent" button on this page to get the configuration snippet. Add it to your MCP client (Claude Desktop, Cursor, or any MCP-compatible tool). Your AI agent will then have access to all of Semgrep's tools via the Model Context Protocol.