Private
CodeQL-MCP
2025-03-31
该项目运行包装CodeQL查询服务器的模型上下文协议(MCP)服务器。它启用[Cursor](https://cursor.sh/)或AI代理等工具通过结构化命令与CodeQL进行交互。
1
Github Watches
6
Github Forks
73
Github Stars
CodeQL MCP Server
This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like Cursor or AI agents to interact with CodeQL through structured commands and doc search.
Features
- ✅ Register CodeQL databases
- ✅ Run full queries or quick-evaluate a symbol
- ✅ Decode
.bqrsfiles into JSON - ✅ Locate predicate/class symbol positions
File Structure
| File | Purpose |
|---|---|
server.py |
Main FastMCP server exposing CodeQL tools |
codeqlclient.py |
CodeQLQueryServer implementation (JSON-RPC handler) |
Requirements
Install with uv:
uv pip install -r requirements.txt
or with pip:
pip install fastmcp httpx
Running the MCP Server
uv run mcp run server.py -t sse
- Starts the server at http://localhost:8000/sse
- Required for Cursor or AI agent use
Cursor Config
Make sure your .cusor/config.json contains:
{
"mcpServers": {
"CodeQL": {
"url": "http://localhost:8000/sse"
}
}
}
Notes
- Tools like Cursor will invoke these commands directly via natural language.
- You must have a codeql binary in your $PATH, or hardcode its path in codeqlclient.py.
- You should probably specify query locations, query write locations and database paths in your prompts.
相关推荐
Confidential guide on numerology and astrology, based of GG33 Public information
Take an adjectivised noun, and create images making it progressively more adjective!
Siri Shortcut Finder – your go-to place for discovering amazing Siri Shortcuts with ease
Reviews
3
(1)
user_wdh0vHTP
2025-04-17
As a dedicated user of codeql-mcp, I must say this tool is an absolute game-changer in code analysis. Developed by JordyZomer, it offers robust functionality for identifying vulnerabilities and improving code quality. The integration with CodeQL is seamless, making it an essential tool for any developer serious about security. Highly recommend checking it out!