MCP Code Analyzer
An orchestrator that coordinates multiple security and quality tools like Semgrep and ESLint to provide comprehensive code analysis and scoring. It enables users to perform vulnerability scanning, architecture metrics, and impact analysis through CLI
What is MCP Code Analyzer?
MCP Code Analyzer is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to orchestrator that coordinates multiple security and quality tools like semgrep and eslint to provide comprehensive code analysis and scoring. it enables users to perform vulnerability scanning, archit...
An orchestrator that coordinates multiple security and quality tools like Semgrep and ESLint to provide comprehensive code analysis and scoring. It enables users to perform vulnerability scanning, architecture metrics, and impact analysis through CLI
This server falls under the Developer Tools and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- An orchestrator that coordinates multiple security and quali
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx mcp-code-analyzerConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use MCP Code Analyzer
MCP Code Analyzer is an orchestrator MCP server that coordinates multiple static analysis tools — primarily Semgrep and ESLint — to deliver comprehensive code security scanning, architecture metrics, and quality scoring from a single AI interface. It provides tools for project structure analysis, technology detection, import dependency mapping, syntax checking, pattern detection, and file modification with dated backups. Security engineers and developers use it to identify vulnerabilities, measure code quality, and explore large codebases through natural-language queries without running separate CLI tools manually.
Prerequisites
- Python 3.10 or later installed
- Semgrep installed (pip install semgrep) for vulnerability scanning
- Node.js and ESLint installed for JavaScript/TypeScript linting
- Claude Desktop or another MCP-compatible client
- Windows OS (other platforms are currently untested)
Clone the repository
Clone the MCP Code Analyzer repository to your machine.
git clone https://github.com/emiryasar/mcp_code_analyzer.git
cd mcp_code_analyzerInstall the package in editable mode
Install the package and its Python dependencies using pip.
pip install -e .Install Semgrep for vulnerability scanning
Semgrep is required for the security scanning features. Install it separately.
pip install semgrepConfigure Claude Desktop with project paths
Open %AppData%\Claude\claude_desktop_config.json and add the server entry. Supply the paths to the projects you want to analyze via the --analyze-paths argument.
{
"mcpServers": {
"code-analyzer": {
"command": "python",
"args": ["-m", "mcp_code_analyzer", "--analyze-paths", "C:\\Projects\\myapp"],
"type": "module"
}
}
}Restart Claude Desktop and verify connection
Restart Claude Desktop and confirm the code-analyzer server appears in the connected tools list.
MCP Code Analyzer Examples
Client configuration
Claude Desktop configuration with multiple project paths for analysis.
{
"mcpServers": {
"code-analyzer": {
"command": "python",
"args": [
"-m", "mcp_code_analyzer",
"--analyze-paths", "C:\\Projects\\backend",
"--analyze-paths", "C:\\Projects\\frontend"
],
"type": "module"
}
}
}Prompts to try
These prompts demonstrate security scanning, architecture analysis, and code exploration.
- "Scan the project for SQL injection vulnerabilities using Semgrep."
- "Show me the project structure and list the top-level directories and their file counts."
- "What technologies and frameworks does this codebase use?"
- "Find all imports of the 'requests' library and show me which files use it."
- "Run ESLint on the frontend directory and report any errors or warnings."
- "Generate a code quality score for the backend project."Troubleshooting MCP Code Analyzer
Semgrep scan returns no results or errors
Verify Semgrep is installed in the same Python environment used to run the server: pip show semgrep. Also ensure the project path in --analyze-paths is correct and accessible.
ESLint analysis fails for JavaScript files
ESLint must be installed globally or locally in the project being analyzed. Run 'npm install -g eslint' and ensure node and npm are in your system PATH.
Large file modification causes context errors
The code modifier has known limitations with large files due to chat context constraints. Split modification requests into smaller, targeted changes and work on one file at a time.
Frequently Asked Questions about MCP Code Analyzer
What is MCP Code Analyzer?
MCP Code Analyzer is a Model Context Protocol (MCP) server that orchestrator that coordinates multiple security and quality tools like semgrep and eslint to provide comprehensive code analysis and scoring. it enables users to perform vulnerability scanning, architecture metrics, and impact analysis through cli It connects AI assistants to external tools and data sources through a standardized interface.
How do I install MCP Code Analyzer?
Follow the installation instructions on the MCP Code Analyzer GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with MCP Code Analyzer?
MCP Code Analyzer works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is MCP Code Analyzer free to use?
Yes, MCP Code Analyzer is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.
MCP Code Analyzer Alternatives — Similar Developer Tools Servers
Looking for alternatives to MCP Code Analyzer? Here are other popular developer tools servers you can use with Claude, Cursor, and VS Code.
Ecc
★ 188.2kThe agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
Javaguide
★ 155.8kJava 面试 & 后端通用面试指南,覆盖计算机基础、数据库、分布式、高并发、系统设计与 AI 应用开发
Gemini CLI
★ 104.5kA secure MCP server that wraps the Google Gemini CLI, allowing clients to query Gemini models using local OAuth sessions without requiring an API key. It provides tools for model interaction and diagnostics with built-in protection against command in
Awesome MCP Servers
★ 87.3k⭐ Curated list of Model Context Protocol (MCP) servers - tools that extend Claude Desktop, Cursor, Windsurf, and other MCP clients with custom capabilities.
MCP Servers
★ 86.0kModel Context Protocol Servers
CC Switch
★ 77.5kA cross-platform desktop All-in-One assistant for Claude Code, Codex, OpenCode, OpenClaw, Gemini CLI & Hermes Agent. Only official website: ccswitch.io
Browse More Developer Tools MCP Servers
Explore all developer tools servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up MCP Code Analyzer in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use MCP Code Analyzer?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.