Semgrep MCP Server
Scan code for security vulnerabilities directly from your AI agent with the Semgrep MCP server.
What is Semgrep MCP?
The Semgrep MCP server is a Model Context Protocol server that gives AI agents and IDEs the ability to scan code for security vulnerabilities using Semgrep's fast, deterministic static analysis engine.
Semgrep semantically understands many languages and ships with thousands of community rules, so an agent connected to the server can check a file, scan a directory, apply a custom rule, or inspect a code abstract syntax tree without leaving the conversation. It is built by Semgrep and was originally published as the open-source semgrep/mcp project; ongoing development has moved into the official semgrep binary and the Semgrep coding-agent plugin.
You can use the hosted remote endpoint at https://mcp.semgrep.ai/mcp (streamable HTTP), which needs no sign-in for core scanning and is currently experimental, or run the server locally with uvx semgrep-mcp or the ghcr.io/semgrep/mcp Docker image. Pulling findings from the Semgrep AppSec Platform requires a free Semgrep account and API token.
Tools the Semgrep MCP server exposes
| Tool | What it does |
|---|---|
| security_check | Scan provided code for security vulnerabilities. |
| semgrep_scan | Scan code files for vulnerabilities using a given Semgrep config string. |
| semgrep_scan_with_custom_rule | Scan code using a custom Semgrep rule you supply. |
| semgrep_rule_schema | Fetch the latest Semgrep rule JSON schema. |
| get_abstract_syntax_tree | Output the abstract syntax tree (AST) of provided code. |
| supported_languages | Return the list of languages Semgrep supports. |
| semgrep_findings | Fetch findings from the Semgrep AppSec Platform (requires a Semgrep account token). |
Connect the Semgrep MCP server
Claude Code (hosted remote server)
1. Add the Semgrep MCP server. Run: claude mcp add --transport http semgrep https://mcp.semgrep.ai/mcp
2. Verify the connection. Run /mcp inside Claude Code and confirm the semgrep server is listed and its tools (security_check, semgrep_scan, ...) are available.
3. Scan code. Ask Claude to run a Semgrep security check on a file or directory. The hosted endpoint needs no sign-in for core scanning.
To run locally instead, use the command 'uvx' with args ['semgrep-mcp'] in your MCP config.
Cursor (hosted remote server)
1. Open MCP settings. Go to Cursor Settings > MCP > Add new MCP server (or edit ~/.cursor/mcp.json).
2. Add the Semgrep entry. Add: { "mcpServers": { "semgrep": { "type": "streamable-http", "url": "https://mcp.semgrep.ai/mcp" } } }
3. Enable and use. Confirm the semgrep server shows as connected, then ask Cursor to scan code for vulnerabilities with Semgrep.
For a local server, replace the entry with { "command": "uvx", "args": ["semgrep-mcp"] }, which requires the Semgrep CLI / uv installed.
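As an added illustration (not a configuration shipped by Semgrep or Gamut), the following complete ~/.cursor/mcp.json registers both variants side by side under distinct names, so the hosted endpoint can be used for throwaway code while proprietary sources are scanned only by the local process. The server name "semgrep-local" is an arbitrary label chosen here; the local entry assumes uv and the Semgrep CLI are installed on the machine running Cursor.

```json
{
  "mcpServers": {
    "semgrep": {
      "type": "streamable-http",
      "url": "https://mcp.semgrep.ai/mcp"
    },
    "semgrep-local": {
      "command": "uvx",
      "args": ["semgrep-mcp"]
    }
  }
}
```

If the code under review must not leave your infrastructure, drop the hosted "semgrep" entry entirely rather than relying on the agent to pick the local server each time.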
Security & permissions
The hosted remote endpoint at https://mcp.semgrep.ai/mcp currently requires no authentication for core code scanning, and is labeled experimental by Semgrep (it may change or break). When you connect, the agent gains access to Semgrep's scanning tools — it can analyze whatever code you (or the workflow) pass to it, so treat scanned source as data shared with the server. The semgrep_findings tool, which reads results from the Semgrep AppSec Platform, additionally requires a Semgrep account API token; scope that token to the access your workflow actually needs and store it as a managed secret rather than in plaintext config. For sensitive or proprietary code, prefer the local server (uvx semgrep-mcp or the Docker image) so scanning stays on infrastructure you control.
Using Semgrep MCP with Gamut
In Gamut, the Semgrep MCP server becomes a tool your automated agents can call inside event- or schedule-triggered workflows — Gamut manages the connection, so an agent can scan code on a cron schedule or in response to a webhook (for example, a new commit or pull-request event) and route the resulting vulnerability findings into a Slack message, an issue tracker, or a follow-up remediation step. Because the scanning runs deterministically against Semgrep's rules, it slots cleanly into a "review every change for security issues before it ships" pattern without a human kicking off each run.
Frequently asked questions
What is the Semgrep MCP server?
It is a Model Context Protocol server that lets AI agents and IDEs run Semgrep's static analysis to scan code for security vulnerabilities. It exposes tools like security_check, semgrep_scan, and semgrep_scan_with_custom_rule, plus utilities to inspect a code AST and fetch Semgrep rule schemas.
Is the Semgrep MCP server free?
Yes — Semgrep's core code scanning is free and open source, and the hosted endpoint at mcp.semgrep.ai requires no sign-in for scanning. Pulling findings from the Semgrep AppSec Platform via the semgrep_findings tool needs a free Semgrep account and API token, and paid Semgrep plans add managed AppSec features.
How do I connect the Semgrep MCP server to Claude Code or Cursor?
For the hosted server, in Claude Code run: claude mcp add --transport http semgrep https://mcp.semgrep.ai/mcp. In Cursor, add a streamable-http MCP entry pointing at https://mcp.semgrep.ai/mcp. To run locally instead, configure the command 'uvx' with args ['semgrep-mcp'].
Is the Semgrep MCP server hosted or self-hosted?
Both. Semgrep offers a hosted remote endpoint at https://mcp.semgrep.ai/mcp (streamable HTTP, experimental), and you can self-host by running 'uvx semgrep-mcp' or the ghcr.io/semgrep/mcp Docker image locally — useful when you want scanning to stay on your own infrastructure.