S
Claude Desktop Config
{
"mcpServers": {
"semgrep": {
"type": "http",
"url": "https://mcp.semgrep.ai/mcp"
}
}
}Semgrep MCP is an officially maintained MCP server in the Security category, developed by Semgrep. It runs as a remote server, so you can connect to it directly from any Claude-compatible client without installing anything locally. Security teams can leverage it to run checks and gather intelligence through natural-language prompts.
About Semgrep MCP
Semgrep MCP server enables AI assistants to run static analysis and security scans on codebases.
Features
- Static analysis across 30+ languages
- Security vulnerability detection (OWASP Top 10)
- Custom rule writing with Semgrep patterns
- CI/CD integration analysis
- Available as open-access remote server
No authentication required for community rules.
Who Should Use Semgrep MCP?
- 1Run security scans and vulnerability checks from your AI assistant
- 2Automate compliance checks and audit log reviews
- 3Integrate threat intelligence feeds into your AI workflow
- 4Let Claude assist with penetration testing and security research tasks
How Semgrep MCP Compares
✦It is an officially maintained server — unlike community alternatives, it is built and supported by the original project team, ensuring compatibility with upstream changes.
✦It runs as a hosted remote server, which means zero local setup — ideal for teams who want a shared MCP endpoint without managing infrastructure.
✦No authentication is required — you can connect and start using it immediately with no account or credentials.
Tags
semgrepsecuritysastcode-analysisopen-access