mcpSource-backedReview first Safety ✓ Privacy ✓

jCodeMunch MCP Server

Token-efficient MCP server for source-code exploration that indexes codebases with tree-sitter, then lets agents retrieve symbols, file outlines, dependency context, blast radius, dead code, PR risk, and targeted source snippets instead of reading whole files.

by J. Gravelle·added 2026-06-18·

Claude Code Codex Cursor Claude Desktop

HarnessClaude CodeCodexCursorClaude Desktop

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

jCodeMunch can index source trees and return exact source snippets, symbol metadata, dependency context, git-derived risk signals, and repository structure to the MCP client.
Use repository allowlists and trusted-folder controls before giving an agent access to private, customer, regulated, or production codebases.
File watching, auto-reindexing, login-service registration, and MCP-client hooks are optional behaviors; review them before enabling persistent background behavior.
The upstream license permits non-commercial use for free but requires a paid license for commercial use.
Treat generated code summaries and repository analysis as advisory context, not approval to edit, delete, publish, or refactor without review.

Privacy notes

Local indexes can contain file paths, symbol names, signatures, summaries, byte offsets, source snippets, dependency relationships, and git-derived metadata.
Optional hosted summarizers or embedding providers may receive source-derived text when configured; prefer local or disabled summarizers for confidential repositories.
The upstream README discloses anonymous aggregate token-savings telemetry with an opt-out setting; review and disable it where policy requires.
Agent hooks and config-audit features may inspect MCP client settings and agent instruction files; review outputs before sharing them outside the project.

Prerequisites

Python 3.10 or newer available to the MCP client runtime.
`uvx` or a Python package installation path for launching `jcodemunch-mcp`.
Local repository access or GitHub access for the codebases you want to index.
Review of the upstream dual-use license before using the tool in a company, client, SaaS, consulting, or other commercial workflow.
Optional API keys only if you enable hosted summarizers, semantic search providers, Groq integration, or private GitHub repository access.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 10 minutes
Difficulty: advanced

Tool listing metadata

Website: https://j.gravelle.us/jCodeMunch/
Disclosure: jCodeMunch is free for non-commercial use. Commercial use requires a paid license from the upstream author.

Full copyable content

{
  "mcpServers": {
    "jcodemunch": {
      "command": "uvx",
      "args": ["jcodemunch-mcp"]
    }
  }
}

About this resource

Content

jCodeMunch MCP is a source-code exploration server for agents that need precise code context without repeatedly loading entire files. It indexes repositories with tree-sitter, stores structured symbol metadata, and lets MCP clients fetch exact functions, classes, methods, outlines, dependency context, repository maps, and token-budgeted context bundles.

The project is local-first and installable from PyPI as jcodemunch-mcp. The upstream license is dual-use: free for non-commercial use, with a paid license required for commercial use.

Source Review

Verified on 2026-06-18. The PyPI package is jcodemunch-mcp, requires Python 3.10 or newer, exposes the jcodemunch-mcp command, and declares tree-sitter, MCP, HTTP, and configuration dependencies. The server manifest declares stdio transport and the GitHub repository source. The license file states that commercial use requires a paid license.

Features

Index local folders and GitHub repositories for structured code retrieval.
Search symbols by name, kind, language, fuzzy match, semantic match, or hybrid retrieval when optional dependencies are configured.
Retrieve exact symbol implementations and file outlines instead of broad file reads.
Assemble token-budgeted context bundles for coding tasks.
Inspect importers, references, class hierarchy, call hierarchy, dependency cycles, coupling metrics, and blast radius.
Find dead code, untested symbols, changed symbols, similar symbols, hotspots, and structural AST patterns.
Generate repository maps, task context, refactoring plans, symbol provenance, and PR risk profiles.
Support many source languages through tree-sitter and custom extractors.

Installation

For MCP clients that launch local stdio servers:

{
  "mcpServers": {
    "jcodemunch": {
      "command": "uvx",
      "args": ["jcodemunch-mcp"]
    }
  }
}

You can also install the package directly:

pip install jcodemunch-mcp
jcodemunch-mcp

Review the upstream license before using it in a commercial environment.

Use Cases

Let Claude Code, Codex, Cursor, or another agent find exact functions without reading whole files.
Build a small context pack for a bug fix or feature without overloading the model window.
Ask for blast radius, dependency, or call hierarchy before changing shared code.
Find dead code, untested symbols, hotspots, or duplicate implementation candidates.
Analyze a PR branch for symbol-level risk before review.
Explore unfamiliar repositories through structure-first search and outlines.

Safety and Privacy

jCodeMunch works by indexing source repositories. That means the local index and MCP responses may expose proprietary code, file paths, symbol names, signatures, comments, architecture, dependency relationships, and git history. Use explicit allowlists, avoid indexing repositories outside the intended workspace, and do not connect confidential codebases to hosted summarizers unless that is allowed by policy.

Review optional background features before enabling them. File watching, auto-reindexing, login-service installation, MCP-client hooks, config audits, and anonymous aggregate token-savings telemetry are useful in the right environment but should be deliberate choices.

Duplicate Check

Checked current content/mcp/, content/tools/, content/skills/, open pull requests, and repository-wide content for jgravelle/jcodemunch-mcp, jcodemunch-mcp, jCodeMunch MCP, tree-sitter MCP, token-efficient code search, source code exploration MCP, and blast radius MCP. No dedicated jCodeMunch MCP entry, exact source URL duplicate, target file, or open duplicate PR was found.

#code-search #tree-sitter #codebase-analysis #token-optimization #developer-tools

Source citations

Add this badge to your README

Show that jCodeMunch MCP Server is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/mcp/jcodemunch-mcp-server.svg)](https://heyclau.de/entry/mcp/jcodemunch-mcp-server)

How it compares

jCodeMunch MCP Server side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	jCodeMunch MCP Server Token-efficient MCP server for source-code exploration that indexes codebases with tree-sitter, then lets agents retrieve symbols, file outlines, dependency context, blast radius, dead code, PR risk, and targeted source snippets instead of reading whole files. Open dossier	ChunkHound MCP Server Local-first codebase intelligence MCP server that indexes repositories with tree-sitter, stores searchable chunks in DuckDB, and gives Claude semantic search, regex search, daemon status, and deep code research tools. Open dossier	Searchcode MCP Server Remote MCP server for analyzing, searching, retrieving, and auditing code from public Git repositories without cloning them into the local workspace. Open dossier	Semble MCP Server Local code-search MCP server for agents, using CPU-only hybrid retrieval to index repositories and return focused snippets for natural-language queries. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	mcp	mcp	mcp	mcp
Source	source-backed	source-backed	source-backed	source-backed
Author	J. Gravelle	ChunkHound	searchcode.com	MinishLab
Added	2026-06-18	2026-06-06	2026-06-06	2026-06-05
Platforms	Claude CodeCodexCursorClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop
Source repo	—	—	—	—
Safety notes	✓jCodeMunch can index source trees and return exact source snippets, symbol metadata, dependency context, git-derived risk signals, and repository structure to the MCP client. Use repository allowlists and trusted-folder controls before giving an agent access to private, customer, regulated, or production codebases. File watching, auto-reindexing, login-service registration, and MCP-client hooks are optional behaviors; review them before enabling persistent background behavior. The upstream license permits non-commercial use for free but requires a paid license for commercial use. Treat generated code summaries and repository analysis as advisory context, not approval to edit, delete, publish, or refactor without review.	✓ChunkHound reads source files, Markdown, text, PDFs, and supported config files under the target directory and stores indexed chunks in a local database. Realtime indexing and daemon mode can continue watching project files after the initial MCP connection. Code research and web search tools require embedding, reranking, and LLM configuration and may invoke local CLIs or external model APIs depending on settings. Exclude generated files, vendored dependencies, secrets, large artifacts, and unrelated repositories before indexing broad workspace roots. Review MCP client configuration carefully when using an absolute project path in a global Claude Desktop config.	✓Searchcode analyzes public repositories through a hosted remote service; do not point it at private repository URLs unless you have a private/enterprise arrangement and have reviewed the current access controls. The service can return code snippets, file contents, symbols, file trees, static-analysis findings, and credential-scan findings from public repositories. Treat tool results as machine-assisted code intelligence. Confirm security findings, complexity claims, and dependency conclusions against the repository before making merge, hiring, acquisition, or incident decisions. Large or repeated repository analysis can create automated traffic to Searchcode; keep agent loops bounded and avoid broad unattended scans.	✓Semble indexes local paths or remote git repositories and returns code chunks through MCP tools. The interactive installer can modify agent configuration files, instruction files, and sub-agent files for supported clients. In MCP mode, local paths can be watched for file changes and re-indexed automatically. Remote repository search accepts git URLs and clones or indexes source on demand. Cached indexes and usage statistics can persist after the MCP session ends.
Privacy notes	✓Local indexes can contain file paths, symbol names, signatures, summaries, byte offsets, source snippets, dependency relationships, and git-derived metadata. Optional hosted summarizers or embedding providers may receive source-derived text when configured; prefer local or disabled summarizers for confidential repositories. The upstream README discloses anonymous aggregate token-savings telemetry with an opt-out setting; review and disable it where policy requires. Agent hooks and config-audit features may inspect MCP client settings and agent instruction files; review outputs before sharing them outside the project.	✓Indexed chunks, file paths, symbols, comments, Markdown, PDFs, configuration values, database files, daemon state, and search results can reveal proprietary source code and internal architecture. Embedding, reranking, LLM, and web search providers may receive code-derived queries or snippets if configured. Local ChunkHound database files, logs, daemon state, and MCP transcripts may retain code-derived context after the session ends. Avoid sharing ChunkHound databases, config files with API keys, verbose logs, research outputs, and screenshots from private repositories.	✓Prompts and tool inputs can reveal which public repositories, symbols, files, dependencies, security concerns, or candidate portfolios a team is investigating. Returned code snippets, findings, file paths, and repository metadata become part of the MCP client transcript and may be processed by the connected model provider. Public code can still contain secrets, personal data, proprietary code accidentally committed upstream, or prompt-injection text. Review returned snippets before forwarding them into other tools or reports. Searchcode's public page says the hosted MCP server is free during beta and does not require signup or an API key; review the live site before production use because pricing and private-code options may change.	✓Source code, filenames, directory structure, snippets, documentation, configuration files, search queries, related-code requests, cache keys, and tool results may be visible to the MCP client and model provider. Using `--content docs`, `--content config`, or `--content all` can include README files, deployment notes, YAML/TOML files, credentials accidentally present in config, and internal runbooks. Persistent cache data may reveal repository names, paths, symbols, comments, and source-derived chunks. Review `.gitignore` and `.sembleignore` coverage before indexing workspaces that contain generated files, vendored code, secrets, customer data, or unrelated private repositories.
Prerequisites	Python 3.10 or newer available to the MCP client runtime. `uvx` or a Python package installation path for launching `jcodemunch-mcp`. Local repository access or GitHub access for the codebases you want to index. Review of the upstream dual-use license before using the tool in a company, client, SaaS, consulting, or other commercial workflow.	Python 3.10 or newer and the `uv` package manager. A local repository or workspace you are authorized to index. ChunkHound JSON config reviewed for database path, excludes, embeddings, and LLM provider settings. Optional embedding provider credentials for semantic search, or regex-only usage when no embedding key is configured.	MCP client with remote Streamable HTTP support, or `mcp-remote` for clients that still need a stdio bridge. Public Git repository URLs or `owner/repo` names for the repositories Claude should inspect. Team agreement that public repository metadata, code snippets, file paths, and static-analysis results may be sent through a hosted third-party MCP service. Client-side policy for whether model-generated findings should be treated as triage hints or reviewed security results.	Python 3.10 or newer and uv available to the MCP client runtime. A local repository or remote git repository you are authorized to index. Approval before the interactive installer modifies MCP client configs, AGENTS.md, CLAUDE.md, or sub-agent files. Cache location and retention reviewed before indexing proprietary repositories.
Install	`uvx jcodemunch-mcp`	`uv tool install chunkhound`	`claude mcp add searchcode --transport http https://api.searchcode.com/v1/mcp`	`uv tool install semble && semble install`
Config	`{ "mcpServers": { "jcodemunch": { "command": "uvx", "args": ["jcodemunch-mcp"] } } }`	`{ "mcpServers": { "chunkhound": { "command": "chunkhound", "args": ["mcp", "/path/to/approved/project"] } } }`	`{ "mcpServers": { "searchcode": { "url": "https://api.searchcode.com/v1/mcp" } } }`	`{ "mcpServers": { "semble": { "command": "uvx", "args": ["--from", "semble[mcp]", "semble", "--content", "all"], "env": { "SEMBLE_CACHE_LOCATION": "ABSOLUTE_CACHE_PATH" } } } }`
Citations	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationgithub.com Websitej.gravelle.us	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationraw.githubusercontent.com Submitted by oktofeesh12026-06-06	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationsearchcode.com Submitted by oktofeesh12026-06-06	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationgithub.com Submitted by oktofeesh12026-06-05
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…