Semgrep MCP Server
Semgrep's open source Model Context Protocol (MCP) server enables you to scan for security vulnerabilities.
Semgrep is a fast, deterministic static analysis tool that semantically understands many languages and comes with over 5,000 rules. Model Context Protocol (MCP) is a standardized API for LLMs, Agents, and IDEs like Cursor, VS Code, Windsurf, or any tool that supports MCP to receive specialized help, gain context, and harness the power of tools.
Semgrep's open source MCP works with any IDE-based MCP client, enabling LLMs to use Semgrep to find and fix security issues in the code they generate.
Semgrep MCP Server is a beta project in active development. Join the #mcp Slack community channel to provide your feedback, bug reports, feature requests, and code contributions.
To learn more and get started, see the Semgrep MCP server repo on GitHub.
Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.