
Semgrep MCP Server for Claude

Connect Claude to Semgrep — scan code for security vulnerabilities, run custom rules, inspect the AST, and pull AppSec Platform findings — with the official Semgrep Model Context Protocol server.

Harness: Claude Code, Codex, Cursor, Claude Desktop

Review first: open the source and read the safety notes before installing.

Safety notes

  • The scanning tools read your source code to analyze it; run the server only on code you trust it to access.
  • Custom-rule scanning executes Semgrep rules you provide — review rules from untrusted sources before running.

Privacy notes

  • Code snippets, scan results, and findings enter the MCP client context and the model's prompt; the hosted endpoint also sends code to Semgrep's service.
  • SEMGREP_APP_TOKEN is a secret — keep it in the client config or environment, never in shared repositories.

Prerequisites

  • uv (uvx) to run semgrep-mcp, or Docker (ghcr.io/semgrep/mcp), or the hosted endpoint (https://mcp.semgrep.ai/mcp).
  • Optional: a Semgrep AppSec Platform token (SEMGREP_APP_TOKEN) to fetch platform findings.
  • An MCP client such as Claude Code or Claude Desktop.

Schema details

  • Install type: cli
  • Troubleshooting: No
  • Scope: Source repo
  • Estimated setup: 5 minutes
  • Difficulty: intermediate

About this resource

Overview

The Semgrep MCP Server is the official Model Context Protocol server for Semgrep, the static application security testing (SAST) tool. It lets Claude scan code for security vulnerabilities, run custom rules, inspect the abstract syntax tree, and pull findings from the Semgrep AppSec Platform, all driven in natural language. It runs locally via uvx semgrep-mcp or Docker, or as a hosted endpoint; it supports the stdio, streamable-HTTP, and SSE transports; and it is licensed under MIT.

Key capabilities

Tool and what it does:

  • security_check: scan code for security vulnerabilities
  • semgrep_scan: scan files with a config string
  • semgrep_scan_with_custom_rule: scan with a custom Semgrep rule
  • get_abstract_syntax_tree: output the AST for code
  • semgrep_findings: fetch findings from the AppSec Platform
  • supported_languages: list supported languages
  • semgrep_rule_schema: return the Semgrep rule JSON Schema

Semgrep focuses on static analysis of your own code; pair it with a dependency/supply-chain scanner (for example Snyk or Socket) for full coverage.

Installation

Claude Code

claude mcp add semgrep -- uvx semgrep-mcp

Claude Desktop

{
  "mcpServers": {
    "semgrep": {
      "command": "uvx",
      "args": ["semgrep-mcp"]
    }
  }
}

Docker (docker run -i --rm ghcr.io/semgrep/mcp -t stdio) and a hosted endpoint (https://mcp.semgrep.ai/mcp, streamable-HTTP) are also available. Set SEMGREP_APP_TOKEN to fetch AppSec Platform findings.

Requirements

  • uv (uvx), Docker, or the hosted endpoint.
  • Optional SEMGREP_APP_TOKEN for platform findings.
  • An MCP client (Claude Code or Claude Desktop).

Security

  • The scanning tools read your source code — run the server only on code you trust it to access.
  • Custom-rule scanning executes rules you supply; review rules from untrusted sources first.
  • Treat SEMGREP_APP_TOKEN as a secret.

Source Verification Notes

Verified on 2026-06-17:

  • The official Semgrep MCP code (in github.com/semgrep/semgrep under cli/src/semgrep/mcp, MIT) documents the semgrep-mcp package, the Docker image ghcr.io/semgrep/mcp, the hosted mcp.semgrep.ai/mcp endpoint, stdio/streamable-HTTP/SSE transports, the optional SEMGREP_APP_TOKEN, and the seven tools above.
  • Semgrep's documentation describes the underlying static-analysis engine and rules.
  • Claude Code's MCP documentation describes the connector setup pattern used here.


How it compares

Semgrep MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Semgrep MCP Server for Claude

Connect Claude to Semgrep — scan code for security vulnerabilities, run custom rules, inspect the AST, and pull AppSec Platform findings — with the official Semgrep Model Context Protocol server.

HashiCorp Vault MCP Server for Claude

Connect Claude to HashiCorp Vault — manage secrets engines, read and write KV secrets, and operate the PKI engine — with HashiCorp's official Model Context Protocol server.

Snyk MCP Server for Claude

Official Snyk Studio MCP Server for connecting Claude Code, Codex CLI, Cursor, Gemini CLI, and other local MCP clients to Snyk Code, Open Source, IaC, container, SBOM, AI-BOM, package-health, authentication, and secure-at-inception workflows.

Elasticsearch MCP Server for Claude

Connect Claude to your Elasticsearch cluster — search indices, inspect mappings, run ES|QL, and check shard health — with Elastic's official Model Context Protocol server.

Trust

  • Install risk: Review first (Semgrep, Vault, Snyk, Elasticsearch)
  • Disclosed notes: Safety and Privacy (all four)
  • Category: mcp (all four)
  • Source: source-backed (all four)
  • Author: Semgrep (Semgrep), HashiCorp (Vault), Snyk (Snyk), Elastic (Elasticsearch)
  • Added: Semgrep 2026-06-17, Vault 2026-06-17, Snyk 2026-06-04, Elasticsearch 2026-06-17
  • Platforms: Semgrep: Claude Code, Codex, Cursor, Claude Desktop; Vault: Claude Code, Claude Desktop; Snyk: Claude Code, Claude Desktop; Elasticsearch: Claude Code, Claude Desktop

Safety notes

  • Semgrep: The scanning tools read your source code to analyze it; run the server only on code you trust it to access. Custom-rule scanning executes Semgrep rules you provide — review rules from untrusted sources before running.
  • Vault: Tools create and delete secrets engines and write/delete secrets and PKI material — scope the Vault token policy to least privilege. Mount and PKI operations change live Vault configuration; review before running them through Claude.
  • Snyk: Snyk documents this as a local MCP server that runs through the Snyk CLI so it can access local project files. Do not treat it like a hosted remote endpoint or expose it to untrusted clients. The official examples use `snyk@latest`; this listing pins the currently observed npm package version for reproducibility. Re-check Snyk's docs and npm package metadata before updating the pinned runner. Authenticate with the least-privilege Snyk account that can inspect the target project. Do not commit Snyk tokens, generated MCP configs, CLI auth state, Claude configs, Codex configs, or copied scan output that contains sensitive findings. Snyk requires trusting the current project directory before scanning. Treat that trust step as a real access decision, especially for monorepos, regulated codebases, customer projects, and worktrees containing secrets. The `snyk_sca_scan` tool can execute third-party ecosystem tools such as Gradle or Maven to build dependency trees. Run scans only in projects where dependency resolution commands are acceptable. Container, IaC, SBOM, AI-BOM, and package-health tools may require extra local files, network access, preview feature access, or container image references. Review each tool call before letting the assistant expand the scan surface. Treat generated remediation guidance as advisory. A human should review code changes, dependency upgrades, IaC edits, Dockerfile changes, and suppressions before they are committed or deployed.
  • Elasticsearch: Search, ES|QL, and shard tools run live read queries against the configured cluster; a broad or expensive query can add load. Scope the Elasticsearch API key to least privilege (read-only on the indices Claude should see) before connecting.

Privacy notes

  • Semgrep: Code snippets, scan results, and findings enter the MCP client context and the model's prompt; the hosted endpoint also sends code to Semgrep's service. SEMGREP_APP_TOKEN is a secret — keep it in the client config or environment, never in shared repositories.
  • Vault: Secret values read through the server enter the MCP client context and the model's prompt — only read what is necessary. VAULT_ADDR and VAULT_TOKEN are secrets — keep them in the client config or environment, never in shared repositories.
  • Snyk: Snyk MCP can read local source code, dependency manifests, package lock files, IaC definitions, Dockerfiles, container image references, SBOM files, AI project metadata, and scanner results from the connected project. Scans can send project metadata, dependency information, vulnerability context, code-analysis data, organization identifiers, authentication state, and package-health requests to Snyk services according to the configured product and account. Claude, Codex, IDE logs, MCP client transcripts, screenshots, shell history, and tickets can retain Snyk findings outside Snyk's normal access controls and retention settings. Security findings may reveal vulnerable dependencies, vulnerable code paths, internal package names, container base images, cloud resources, application structure, and remediation priorities. Avoid pasting raw findings into public issues or unaudited chat systems. The `snyk_send_feedback` tool can send issue-fix feedback to Snyk. Use it only when that feedback path is approved for the project and organization.
  • Elasticsearch: Index data, field mappings, and query results enter the MCP client context and the model's prompt. ES_URL and ES_API_KEY are secrets — store them in the client config or environment, never in shared repositories.

Prerequisites

Semgrep:
  • uv (uvx) to run semgrep-mcp, or Docker (ghcr.io/semgrep/mcp), or the hosted endpoint (https://mcp.semgrep.ai/mcp).
  • Optional: a Semgrep AppSec Platform token (SEMGREP_APP_TOKEN) to fetch platform findings.
  • An MCP client such as Claude Code or Claude Desktop.

Vault:
  • A reachable HashiCorp Vault server address (VAULT_ADDR).
  • A Vault token (VAULT_TOKEN) whose policy grants only the paths Claude should access.
  • Docker (the server is distributed as the hashicorp/vault-mcp-server image), or build the binary.
  • An MCP client such as Claude Code or Claude Desktop.

Snyk:
  • Snyk account and approval to connect the local project to Snyk security scanning.
  • Node.js and `npx`, or a locally installed Snyk CLI executable available to the MCP client.
  • MCP-capable client such as Claude Code, Codex CLI, Cursor, Gemini CLI, or another local stdio-compatible client.
  • Browser-based Snyk authentication, or an approved token-based authentication flow for the target organization.

Elasticsearch:
  • Docker installed (the server is distributed as the docker.elastic.co/mcp/elasticsearch image).
  • An Elasticsearch cluster URL (ES_URL) you can reach.
  • An Elasticsearch API key (ES_API_KEY) or username/password (ES_USERNAME + ES_PASSWORD).
  • An MCP client such as Claude Code or Claude Desktop.

Install

  • Semgrep: claude mcp add semgrep -- uvx semgrep-mcp
  • Vault: claude mcp add vault -e VAULT_ADDR=<your-vault-addr> -e VAULT_TOKEN=<your-token> -- docker run -i --rm -e VAULT_ADDR -e VAULT_TOKEN hashicorp/vault-mcp-server
  • Snyk: npx -y snyk@1.1305.1 mcp -t stdio --profile=lite
  • Elasticsearch: claude mcp add elasticsearch -- docker run -i --rm -e ES_URL=<your-cluster-url> -e ES_API_KEY=<your-api-key> docker.elastic.co/mcp/elasticsearch stdio

Config

Semgrep:
{
  "mcpServers": {
    "semgrep": {
      "command": "uvx",
      "args": ["semgrep-mcp"]
    }
  }
}

Vault:
{
  "mcpServers": {
    "vault-mcp-server": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "VAULT_ADDR", "-e", "VAULT_TOKEN", "-e", "VAULT_NAMESPACE",
        "hashicorp/vault-mcp-server"
      ],
      "env": {
        "VAULT_ADDR": "<your-vault-addr>",
        "VAULT_TOKEN": "<your-token>"
      }
    }
  }
}

Snyk:
{
  "mcpServers": {
    "Snyk": {
      "command": "npx",
      "args": [
        "-y",
        "snyk@1.1305.1",
        "mcp",
        "-t",
        "stdio",
        "--profile=lite"
      ],
      "env": {},
      "type": "stdio"
    }
  }
}

Elasticsearch:
{
  "mcpServers": {
    "elasticsearch-mcp-server": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "ES_URL", "-e", "ES_API_KEY",
        "docker.elastic.co/mcp/elasticsearch", "stdio"
      ],
      "env": {
        "ES_URL": "<elasticsearch-cluster-url>",
        "ES_API_KEY": "<elasticsearch-api-key>"
      }
    }
  }
}

Citations

  • Claim: Unclaimed (Semgrep, Vault, Snyk, Elasticsearch)