Semgrep MCP Server [beta]

The Semgrep MCP Server is a tool that uses Semgrep to scan code for vulnerabilities. It leverages the Model Context Protocol (MCP) for integration with LLMs, AI Agents, and coding tools like Cursor.

Key Features:

• Scanning: semgrep_scan for code snippets and scan_directory for directory-wide scans.
• Customization: list_rules to view available Semgrep rules and create_rule to define custom rules.
• Results Analysis: analyze_results for severity counts, filter_results for refining results, export_results for various formats, and compare_results for issue tracking.

Installation:

• CLI: Requires Python 3.13+ and Semgrep installation via pip install semgrep.
• Docker: Build using docker build -t mcp-server . or use the pre-built image from ghcr.io/semgrep/mcp:latest.

Usage:

• CLI: Run the server using uv run mcp run server.py -t sse.
• Docker: Run with docker run -p 8000:8000 mcp-server.
• Cursor Plugin: Configure the MCP server in Cursor settings with the server URL http://127.0.0.1:8000/sse.