Joern

v1.0.0Securitystable

Enables AI assistants to perform sophisticated static code analysis using Joern's Code Property Graph technology. Supports multi-language analysis, security vulnerability detection, and code quality assessment through isolated Docker environments.

joernmcp-serverprogram-analysisstatic-analysistaint-analysis
Share:
105
Stars
0
Downloads
0
Weekly
0/5

What is Joern?

Joern is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to enables ai assistants to perform sophisticated static code analysis using joern's code property graph technology. supports multi-language analysis, security vulnerability detection, and code quality a...

Enables AI assistants to perform sophisticated static code analysis using Joern's Code Property Graph technology. Supports multi-language analysis, security vulnerability detection, and code quality assessment through isolated Docker environments.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Enables AI assistants to perform sophisticated static code a

Use Cases

Perform sophisticated static code analysis using Code Property Graph technology. Detect security vulnerabilities and assess code quality across multiple languages.
Lekssays

Maintainer

LicenseGPL 3.0
Languagepython
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx joern-mcp-server

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Joern

The Joern MCP server (codebadger) integrates the Joern static analysis engine into AI assistant workflows via the Model Context Protocol, enabling Claude and other agents to run Code Property Graph (CPG) queries, trace data flow and taint paths, perform program slicing, and hunt for security vulnerabilities across source code in 12+ languages. The server runs in Docker-isolated environments to safely analyse untrusted code, and exposes MCP tools for CPGQL query execution, call graph generation, and code structure analysis. Security researchers, AppSec teams, and developers use it to automate vulnerability detection and code quality assessment without manually operating Joern.

Prerequisites

  • Docker Engine and Docker Compose v2 installed
  • Python 3.10 or later (3.13 recommended) for local development mode
  • At least 8 GB RAM recommended (Joern is memory-intensive; run python scripts/recommend_config.py for sizing guidance)
  • An MCP-compatible client such as Claude Desktop or Claude Code
  • Access to the source code repository or directory you want to analyse
1

Clone the codebadger repository

The server is not available as a single npm package; you must clone the repository and use the provided Docker Compose setup.

git clone https://github.com/Lekssays/codebadger
cd codebadger
2

Configure environment variables

Copy the example env file and edit it. Key variables include PLAYGROUND_HOST_PATH (absolute path to the playground directory), MCP_HOST, and Joern memory settings.

cp .env.example .env
# Edit .env with your configuration
python scripts/recommend_config.py  # Get memory sizing recommendations
3

Deploy the full stack with Docker Compose

Run the deploy script to start Joern, Postgres, Redis, and the MCP server. The server will be available at http://localhost:4242/mcp after startup.

cp config.example.yaml config.yaml
./scripts/deploy.sh
4

Verify the server is running

Check the health endpoint to confirm all backend services (Joern, Postgres, Redis) are up and ready.

curl -s http://localhost:4242/health | python3 -m json.tool
5

Configure your MCP client to connect to the server

Point your MCP client at the running server's HTTP endpoint. The server uses HTTP transport on port 4242.

{
  "mcpServers": {
    "codebadger": {
      "url": "http://localhost:4242/mcp",
      "type": "http"
    }
  }
}

Joern Examples

Client configuration

MCP client configuration pointing to a locally running codebadger server.

{
  "mcpServers": {
    "codebadger": {
      "url": "http://localhost:4242/mcp",
      "type": "http"
    }
  }
}

Prompts to try

These prompts work after the server is running and you have pointed it at a codebase.

- "Analyse this Java project for SQL injection vulnerabilities using taint analysis"
- "Generate the call graph for the authenticate() function and show all callers"
- "Find all data flows from user input to database write operations in this Python codebase"
- "Slice the program around the login() function and identify any missing input validation"
- "Run a CPGQL query to find all methods that call System.exec in this Java project"

Troubleshooting Joern

Joern container runs out of memory and crashes

Run python scripts/recommend_config.py to get memory recommendations based on your codebase size. Increase JOERN_MEM_LIMIT and JOERN_MEMORY_BUDGET_MB in your .env file, and ensure your Docker host has sufficient RAM allocated.

Health check shows Joern as unhealthy

Joern can take several minutes to start on large codebases. Wait for the container logs to show 'Joern ready' before sending analysis requests. Run docker compose logs codebadger-joern to monitor startup progress.

MCP client cannot connect to http://localhost:4242/mcp

Verify the deploy script completed successfully with docker compose ps. If MCP_HOST is set to 127.0.0.1, the endpoint is only reachable from localhost. Set MCP_HOST=0.0.0.0 in .env if you need remote access.

Frequently Asked Questions about Joern

What is Joern?

Joern is a Model Context Protocol (MCP) server that enables ai assistants to perform sophisticated static code analysis using joern's code property graph technology. supports multi-language analysis, security vulnerability detection, and code quality assessment through isolated docker environments. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Joern?

Follow the installation instructions on the Joern GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Joern?

Joern works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Joern free to use?

Yes, Joern is open source and available under the GPL 3.0 license. You can use it freely in both personal and commercial projects.

Joern Alternatives — Similar Security Servers

Looking for alternatives to Joern? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "joern-mcp-server": { "command": "npx", "args": ["-y", "joern-mcp-server"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Joern?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides