From 7ebe62c871a35e5fd16b9e2bf313068716516616 Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Mon, 21 Jul 2025 22:17:55 +0800 Subject: [PATCH 1/6] Add Dockerfile --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6d338d5..6778869 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,4 @@ +# Generated by https://smithery.ai. See: https://smithery.ai/docs/build/project-config # Use a Python image with uv pre-installed FROM ghcr.io/astral-sh/uv:python3.13-bookworm-slim AS uv @@ -44,4 +45,4 @@ EXPOSE 8000 ENV FASTMCP_HOST=0.0.0.0 ENTRYPOINT ["semgrep-mcp"] -CMD ["-t", "streamable-http"] \ No newline at end of file +CMD ["-t", "streamable-http"] From 387a2b220d2a9d72fb6bde3be26130feec7c4d9c Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Mon, 21 Jul 2025 22:17:56 +0800 Subject: [PATCH 2/6] Add Smithery configuration --- smithery.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 smithery.yaml diff --git a/smithery.yaml b/smithery.yaml new file mode 100644 index 0000000..144f5a9 --- /dev/null +++ b/smithery.yaml @@ -0,0 +1,17 @@ +# Smithery configuration file: https://smithery.ai/docs/build/project-config + +startCommand: + type: stdio + commandFunction: + # A JS function that produces the CLI command based on the given config to start the MCP on stdio. + |- + (config) => ({ command: 'semgrep-mcp', args: ['-t', 'stdio'], env: config.semgrepAppToken ? { SEMGREP_APP_TOKEN: config.semgrepAppToken } : undefined }) + configSchema: + # JSON Schema defining the configuration options for the MCP. + type: object + properties: + semgrepAppToken: + type: string + description: Optional Semgrep AppSec Platform API token to enable cloud platform + tools. + exampleConfig: {} From c716f24056693ca1c55d252e004ea699888f93b6 Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Mon, 21 Jul 2025 22:17:57 +0800 Subject: [PATCH 3/6] Update README --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index 5c5f16e..818d75a 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,7 @@ [![Docker](https://img.shields.io/badge/docker-ghcr.io%2Fsemgrep%2Fmcp-0098FF?style=flat-square&logo=docker&logoColor=white)](https://ghcr.io/semgrep/mcp) [![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-uv-24bfa5?style=flat-square&logo=githubcopilot&logoColor=white)](https://insiders.vscode.dev/redirect/mcp/install?name=semgrep&config=%7B%22command%22%3A%22uvx%22%2C%22args%22%3A%5B%22semgrep-mcp%22%5D%7D&quality=insiders) [![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-docker-24bfa5?style=flat-square&logo=githubcopilot&logoColor=white)](https://insiders.vscode.dev/redirect/mcp/install?name=semgrep&config=%7B%22command%22%3A%22docker%22%2C%22args%22%3A%5B%22run%22%2C%20%22-i%22%2C%20%22--rm%22%2C%20%22ghcr.io%2Fsemgrep%2Fmcp%22%2C%20%22-t%22%2C%20%22stdio%22%5D%7D&quality=insiders) +[![smithery badge](https://smithery.ai/badge/@semgrep/mcp)](https://smithery.ai/server/@semgrep/mcp) A Model Context Protocol (MCP) server for using [Semgrep](https://semgrep.dev) to scan code for security vulnerabilities. Secure your [vibe coding](https://semgrep.dev/blog/2025/giving-appsec-a-seat-at-the-vibe-coding-table/)! 😅 @@ -88,6 +89,16 @@ A Model Context Protocol (MCP) server for using [Semgrep](https://semgrep.dev) t ## Getting started +### Installing via Smithery + +To install Semgrep MCP Server for Claude Desktop automatically via [Smithery](https://smithery.ai/server/@semgrep/mcp): + +```bash +npx -y @smithery/cli install @semgrep/mcp --client claude +``` + +### Standard Installation + Run the [Python package](https://pypi.org/p/semgrep-mcp) as a CLI command using [`uv`](https://docs.astral.sh/uv/guides/tools/): ```bash From d088c8f497d1447f00a0bc4f2db82371303a128d Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Tue, 22 Jul 2025 20:34:24 +0800 Subject: [PATCH 4/6] Update Dockerfile --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6778869..2dfb16a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,3 @@ -# Generated by https://smithery.ai. See: https://smithery.ai/docs/build/project-config # Use a Python image with uv pre-installed FROM ghcr.io/astral-sh/uv:python3.13-bookworm-slim AS uv From 05bc68668a0817f72e82ec6e286b1db4a336730c Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Tue, 22 Jul 2025 20:35:12 +0800 Subject: [PATCH 5/6] Update Dockerfile From 5b6248ef658ddb3238ef8530ba80e0c53c132453 Mon Sep 17 00:00:00 2001 From: Henry Mao <1828968+calclavia@users.noreply.github.com> Date: Tue, 22 Jul 2025 20:35:38 +0800 Subject: [PATCH 6/6] Update Dockerfile