StackMCP

Set up Semgrep MCP in Claude Code

Static analysis security scanning with custom rules, AST analysis, and multi-language vulnerability detection. Official Semgrep implementation.

1

Locate the config file

Claude Code reads MCP server configuration from the following file:

~/.claude.json

Create this file if it does not already exist.

2

Add the configuration

You can configure Semgrep MCP using the CLI command or by editing the config file directly.

Option A: CLI command

bash
claude mcp add semgrep-mcp -- uvx semgrep-mcp

Option B: Config file

json
{
  "mcpServers": {
    "semgrep-mcp": {
      "command": "uvx",
      "args": [
        "semgrep-mcp"
      ]
    }
  }
}
3

Set up environment variables

No environment variables needed. Semgrep MCP works out of the box without any API keys or tokens.

4

Verify it works

Restart Claude Code. Semgrep MCP should appear in your MCP server list with 7 tools available.

This server adds approximately 3,500 tokens to your context window for tool definitions.

Set up Semgrep MCP in other editors

CursorVS CodeWindsurfClaude DesktopContinue
← Back to Semgrep MCP