Semgrep
MCP server for using Semgrep to scan code for security vulnerabilities.
8 Tools
Add to Docker Desktop
Version 4.43 or later needs to be installed to add the server automatically
Tools
| Name | Description |
|---|---|
semgrep_scan_with_custom_rule | Runs a Semgrep scan with a custom rule on provided code content and returns the findings in JSON format Use this tool when you need to: - scan code files for specific security vulnerability not covered by the default Semgrep rules - scan code files for specific issue not covered by the default Semgrep rules |
semgrep_scan | Runs a Semgrep scan on provided code content and returns the findings in JSON format Use this tool when you need to: - scan code files for security vulnerabilities - scan code files for other issues |
semgrep_scan_local | Runs a Semgrep scan locally on provided code files returns the findings in JSON format. Files are expected to be in the current paths are absolute paths to the code files. Use this tool when you need to: - scan code files for security vulnerabilities - scan code files for other issues |
Manual installation
You can install the MCP server using:
Installation for