Public

Argos

See in Github

2025-02-24

Un servidor de protocolo de contexto modelo (MCP) para analizar repositorios de GitLab y realizar evaluaciones de seguridad.

1

Github Watches

1

Github Forks

1

Github Stars

Argus - Repository Analysis and Security Assessment Tool

A powerful Model Context Protocol (MCP) tool for analyzing code repositories, performing security scans, and assessing code quality across multiple programming languages.

Features

Multi-Language Support
- Go: gocyclo, golangci-lint analysis
- Java: PMD static analysis
- Python: Pylint, Bandit security checks
- JavaScript/TypeScript: ESLint analysis
- Automatic language detection
Security Scanning
- Integrated Trivy vulnerability scanner
- Comprehensive security reports
- Support for multiple branches
Git Operations
- Branch enumeration and management
- Commit history analysis
- Diff comparisons
- Repository structure visualization

Installation

Prerequisites

Python 3.8+
Git
libmagic (system dependency)

System Dependencies

macOS

brew install libmagic

Linux (Ubuntu/Debian)

sudo apt-get update
sudo apt-get install -y libmagic1

Installation via uv

uvx argus

Usage

Basic MCP Commands

# Analyze repository structure
analyze_repository_structure(
    repo_url="https://gitlab.com/user/repo",
    gitlab_credentials={"api_key": "your-token"},  # Optional
    branch="main"  # Optional
)

# Perform code quality analysis
analyze_code_quality(
    repo_url="https://gitlab.com/user/repo",
    language="python"  # Optional, will auto-detect if not specified
)

# Security scan
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

# Compare changes
compare_git_changes(
    repo_url="https://gitlab.com/user/repo",
    source="feature-branch",
    target="main"
)

# Security scan repository
security_scan_repository(
    repo_url="https://gitlab.com/user/repo",
    scan_type="trivy"
)

### MCP Configuration

```json
{
    "command": "uvx",
    "args": [
        "--from",
        "git+https://github.com/athapong/argus",
        "argus"
    ],
    "alwaysAllow": [
        "get_commit_history",
        "enumerate_branches",
        "compare_git_changes",
        "analyze_code_quality",
        "security_scan_repository"  
    ],
    "timeout": 300
}

Supported Analysis Tools

Language	Tools	Installation
Go	gocyclo, golangci-lint	`go install github.com/fzipp/gocyclo/cmd/gocyclo@latest`
Java	PMD	macOS: `brew install pmd`, Linux: Auto-installed
Python	Pylint, Bandit	Auto-installed via dependencies
JavaScript	ESLint	`npm install -g eslint`

Environment Variables

SKIP_SYSTEM_CHECK: Set to any value to skip system dependency checks
PATH: Automatically updated for tool installations

Error Handling

The tool provides detailed error messages and graceful fallbacks:

Dependency installation failures show warnings instead of errors
Language detection falls back to specified language if auto-detection fails
Tool execution errors are captured in the response structure

License

MIT License

Contributing

Fork the repository
Create your feature branch
Commit your changes
Push to the branch
Create a new Pull Request

Reviews

3 (1)

user_JB3LeRLX

2025-04-15

As a loyal user of @container-inc/mcp, I highly recommend this product to anyone in need of efficient container management. The functionality and ease of use are top-notch, thanks to the excellent work by f-inc. It's a game-changer for optimizing server operations and enhancing productivity. Check it out at https://mcp.so/server/containerinc-mcp/f-inc for a seamless experience in container orchestration!