MCP Code Analyzer

v1.0.0Developer Toolsstable

An orchestrator that coordinates multiple security and quality tools like Semgrep and ESLint to provide comprehensive code analysis and scoring. It enables users to perform vulnerability scanning, architecture metrics, and impact analysis through CLI

mcp-code-analyzermcpai-integration
Share:
39
Stars
0
Downloads
0
Weekly
0/5

What is MCP Code Analyzer?

MCP Code Analyzer is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to orchestrator that coordinates multiple security and quality tools like semgrep and eslint to provide comprehensive code analysis and scoring. it enables users to perform vulnerability scanning, archit...

An orchestrator that coordinates multiple security and quality tools like Semgrep and ESLint to provide comprehensive code analysis and scoring. It enables users to perform vulnerability scanning, architecture metrics, and impact analysis through CLI

This server falls under the Developer Tools and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • An orchestrator that coordinates multiple security and quali

Use Cases

Perform comprehensive code analysis combining Semgrep and ESLint for vulnerability detection and architecture metrics. Generate code quality scores and impact analysis.
emiryasar

Maintainer

LicenseMIT License
Languagepython
Versionv1.0.0
UpdatedSep 12, 2025
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx mcp-code-analyzer

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use MCP Code Analyzer

MCP Code Analyzer is an orchestrator MCP server that coordinates multiple static analysis tools — primarily Semgrep and ESLint — to deliver comprehensive code security scanning, architecture metrics, and quality scoring from a single AI interface. It provides tools for project structure analysis, technology detection, import dependency mapping, syntax checking, pattern detection, and file modification with dated backups. Security engineers and developers use it to identify vulnerabilities, measure code quality, and explore large codebases through natural-language queries without running separate CLI tools manually.

Prerequisites

  • Python 3.10 or later installed
  • Semgrep installed (pip install semgrep) for vulnerability scanning
  • Node.js and ESLint installed for JavaScript/TypeScript linting
  • Claude Desktop or another MCP-compatible client
  • Windows OS (other platforms are currently untested)
1

Clone the repository

Clone the MCP Code Analyzer repository to your machine.

git clone https://github.com/emiryasar/mcp_code_analyzer.git
cd mcp_code_analyzer
2

Install the package in editable mode

Install the package and its Python dependencies using pip.

pip install -e .
3

Install Semgrep for vulnerability scanning

Semgrep is required for the security scanning features. Install it separately.

pip install semgrep
4

Configure Claude Desktop with project paths

Open %AppData%\Claude\claude_desktop_config.json and add the server entry. Supply the paths to the projects you want to analyze via the --analyze-paths argument.

{
  "mcpServers": {
    "code-analyzer": {
      "command": "python",
      "args": ["-m", "mcp_code_analyzer", "--analyze-paths", "C:\\Projects\\myapp"],
      "type": "module"
    }
  }
}
5

Restart Claude Desktop and verify connection

Restart Claude Desktop and confirm the code-analyzer server appears in the connected tools list.

MCP Code Analyzer Examples

Client configuration

Claude Desktop configuration with multiple project paths for analysis.

{
  "mcpServers": {
    "code-analyzer": {
      "command": "python",
      "args": [
        "-m", "mcp_code_analyzer",
        "--analyze-paths", "C:\\Projects\\backend",
        "--analyze-paths", "C:\\Projects\\frontend"
      ],
      "type": "module"
    }
  }
}

Prompts to try

These prompts demonstrate security scanning, architecture analysis, and code exploration.

- "Scan the project for SQL injection vulnerabilities using Semgrep."
- "Show me the project structure and list the top-level directories and their file counts."
- "What technologies and frameworks does this codebase use?"
- "Find all imports of the 'requests' library and show me which files use it."
- "Run ESLint on the frontend directory and report any errors or warnings."
- "Generate a code quality score for the backend project."

Troubleshooting MCP Code Analyzer

Semgrep scan returns no results or errors

Verify Semgrep is installed in the same Python environment used to run the server: pip show semgrep. Also ensure the project path in --analyze-paths is correct and accessible.

ESLint analysis fails for JavaScript files

ESLint must be installed globally or locally in the project being analyzed. Run 'npm install -g eslint' and ensure node and npm are in your system PATH.

Large file modification causes context errors

The code modifier has known limitations with large files due to chat context constraints. Split modification requests into smaller, targeted changes and work on one file at a time.

Frequently Asked Questions about MCP Code Analyzer

What is MCP Code Analyzer?

MCP Code Analyzer is a Model Context Protocol (MCP) server that orchestrator that coordinates multiple security and quality tools like semgrep and eslint to provide comprehensive code analysis and scoring. it enables users to perform vulnerability scanning, architecture metrics, and impact analysis through cli It connects AI assistants to external tools and data sources through a standardized interface.

How do I install MCP Code Analyzer?

Follow the installation instructions on the MCP Code Analyzer GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with MCP Code Analyzer?

MCP Code Analyzer works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is MCP Code Analyzer free to use?

Yes, MCP Code Analyzer is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.

Browse More Developer Tools MCP Servers

Explore all developer tools servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "mcp-code-analyzer": { "command": "npx", "args": ["-y", "mcp-code-analyzer"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use MCP Code Analyzer?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides