Log inSign up
canstralian
canstralianCyberGenie
Public
Like
1
CyberGenie
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data – all from the browser, and deployed in milliseconds.
Sign up now
Code
/
README.md
Search
6/27/2025
Viewing readonly version of main branch: v1
View latest version
README.md

MCP Code Analysis Server

A pluggable MCP-compatible server that exposes a standardized /analyze API for CLI-based code analysis tools. This allows editors like Cursor or VS Code to request code analysis from various tools (Semgrep, ESLint, Pylint, etc.) and receive unified, structured results.

Features

  • Standardized API: Single /analyze endpoint for all analysis tools
  • Plugin Architecture: Easy to add new analysis tools
  • MCP Compatible: Follows Model Context Protocol standards
  • Unified Results: Consistent output format across all tools
  • Tool Discovery: Automatic detection of available analysis tools
  • Configurable: Support for tool-specific configurations

API Endpoints

POST /analyze

Analyze code using specified tools and return unified results.

Request Body:

{
  "code": "string",           // Code to analyze (optional if files provided)
  "files": ["path1", "path2"], // File paths to analyze (optional if code provided)
  "language": "javascript",   // Programming language
  "tools": ["semgrep", "eslint"], // Analysis tools to use (optional, defaults to auto-detect)
  "config": {                 // Tool-specific configurations
    "semgrep": { "rules": ["security"] },
    "eslint": { "extends": ["recommended"] }
  }
}

Response:

{
  "results": [
    {
      "tool": "semgrep",
      "findings": [
        {
          "id": "rule-id",
          "severity": "error|warning|info",
          "message": "Description of the issue",
          "file": "path/to/file.js",
          "line": 42,
          "column": 10,
          "endLine": 42,
          "endColumn": 25,
          "rule": "rule-name",
          "category": "security|performance|style|bug"
        }
      ],
      "metadata": {
        "executionTime": 1.23,
        "rulesApplied": 150,
        "version": "1.0.0"
      }
    }
  ],
  "summary": {
    "totalFindings": 5,
    "errors": 2,
    "warnings": 3,
    "info": 0,
    "toolsUsed": ["semgrep", "eslint"]
  }
}

GET /tools

List available analysis tools and their capabilities.

GET /health

Health check endpoint.

Project Structure

├── backend/
│   ├── index.ts              # Main Hono server
│   ├── plugins/              # Analysis tool plugins
│   │   ├── base.ts          # Base plugin interface
│   │   ├── semgrep.ts       # Semgrep plugin
│   │   ├── eslint.ts        # ESLint plugin
│   │   └── registry.ts      # Plugin registry
│   ├── services/
│   │   ├── analyzer.ts      # Main analysis service
│   │   └── unifier.ts       # Result unification service
│   └── types/
│       └── analysis.ts      # Type definitions
├── shared/
│   └── types.ts             # Shared types
└── README.md

Supported Tools

  • Semgrep: Static analysis for security, bugs, and code quality
  • ESLint: JavaScript/TypeScript linting
  • Pylint: Python code analysis
  • ShellCheck: Shell script analysis
  • Bandit: Python security analysis
  • Extensible: Easy to add more tools via plugin system

Usage

  1. Start the server (automatically deployed on Val Town)
  2. Send analysis requests to /analyze
  3. Receive unified results from multiple tools

Development

The server uses a plugin architecture where each analysis tool is implemented as a plugin that conforms to the AnalysisPlugin interface. New tools can be added by creating a new plugin file in the backend/plugins/ directory.