Semgrep MCP (Official)

Official Code

Official Semgrep MCP server for scanning code for security vulnerabilities using static analysis rules.

GitHub

Quick Install 

uvx semgrep-mcp

One-click install

Install in Cursor Install in VS Code
More clients (VS Code Insiders, Antigravity, Windsurf, Zed, Trae…)
VS Code Insiders

JSON works with: Antigravity (Google), Windsurf (Codeium), Trae (ByteDance), Zed, Continue.dev, Cline, Roo Code, and any other MCP-compatible client. Paste into their MCP config file or settings.

Manual configuration

Add this to your Claude Code settings.json (or .claude/settings.json in your project): 

{
  "mcpServers": {
    "semgrep-mcp-official": {
      "command": "uvx",
      "args": [
        "semgrep-mcp"
      ]
    }
  }
}
More from this publisher
See Semgrep on tool.news
β†’
Pricing, lock-in score, alternatives, and migration guides.
Thinking about leaving?
Help me migrate from Semgrep
β†’
We'll draft an export-request email and a step-by-step plan.

Looking for the right MCP server?

Answer a few questions β€” get an AI-picked shortlist of MCP servers that match your IDE and stack.

Open AI Tool Finder