Semgrep MCP (Official)

Official Code

Official Semgrep MCP server for scanning code for security vulnerabilities using static analysis rules.

GitHub

Quick Install 

uvx semgrep-mcp

One-click install

Install in Cursor Install in VS Code
More clients (VS Code Insiders, Antigravity, Windsurf, Zed, Trae…)
VS Code Insiders

JSON works with: Antigravity (Google), Windsurf (Codeium), Trae (ByteDance), Zed, Continue.dev, Cline, Roo Code, and any other MCP-compatible client. Paste into their MCP config file or settings.

Manual configuration

Add this to your Claude Code settings.json (or .claude/settings.json in your project): 

{
  "mcpServers": {
    "semgrep-mcp-official": {
      "command": "uvx",
      "args": [
        "semgrep-mcp"
      ]
    }
  }
}