Semgrep Scanner
FreeNot checkedRun Semgrep static analysis from an AI agent. OWASP top 10, secrets detection, custom rule packs, baseline scanning. Curated by Archimedes Market with a verifie
About
Run Semgrep static analysis from an AI agent. OWASP top 10, secrets detection, custom rule packs, baseline scanning. Curated by Archimedes Market with a verified Trust Report.
README
Archimedes Trust Report — VERIFIED 92/100
Verified asset on Archimedes Market. View the full 4-dimension Trust Report (security · quality · license · complexity) and the curated catalog on the asset page.
MCP Semgrep Scanner
Run Semgrep static analysis from an AI agent. Lets an agent scan a repo with prebuilt rulesets (OWASP top 10, secrets, language-specific packs), surface findings with severity scoring, and run baseline diffs to focus only on newly-introduced issues.
Tools
scan— run a default scan (p/security-audit + p/secrets) and return findings sorted by severityscan_with_ruleset— scan with one or more named rulesets (p/owasp-top-ten,p/python, etc.)list_rulesets— built-in rulesets available without a Semgrep accountget_finding_details— full rule metadata + remediation hint for a finding IDbaseline_scan— scan only files modified since a git ref (HEAD~1, main, custom SHA)
What gets returned
Each finding includes:
rule_id— the Semgrep rule that matchedseverity—ERROR|WARNING|INFOcwe— CWE classification if availableowasp— OWASP category mappingfile+line_start+line_endmessage— human-readable explanationfix— suggested patch if available
Quick start
pip install mcp-semgrep-scanner
# Optional: Semgrep account token for Pro rules
export SEMGREP_APP_TOKEN="..."
mcp-semgrep-scanner serve
Typical agent workflow
Agent: "Are there any security issues in this PR?"
↓
1. baseline_scan(repo="/path/to/repo", base_ref="origin/main")
→ returns only findings introduced by the PR's diff
2. get_finding_details(finding_id=...) for the ERROR-severity ones
3. Agent suggests fixes inline in PR review
License
MIT.
Install Semgrep Scanner in Claude Desktop, Claude Code & Cursor
unyly install mcp-semgrep-scannerInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add mcp-semgrep-scanner -- uvx --from git+https://github.com/archimedes-market/mcp-semgrep-scanner mcp-semgrep-scannerFAQ
Is Semgrep Scanner MCP free?
Yes, Semgrep Scanner MCP is free — one-click install via Unyly at no cost.
Does Semgrep Scanner need an API key?
No, Semgrep Scanner runs without API keys or environment variables.
Is Semgrep Scanner hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Semgrep Scanner in Claude Desktop, Claude Code or Cursor?
Open Semgrep Scanner on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
by modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
by xuzexin-hzCompare Semgrep Scanner with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All ai MCPs
