Private
codeql-mcp
2025-03-31
This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structured commands.
1
Github Watches
6
Github Forks
73
Github Stars
CodeQL MCP Server
This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like Cursor or AI agents to interact with CodeQL through structured commands and doc search.
Features
- ✅ Register CodeQL databases
- ✅ Run full queries or quick-evaluate a symbol
- ✅ Decode
.bqrsfiles into JSON - ✅ Locate predicate/class symbol positions
File Structure
| File | Purpose |
|---|---|
server.py |
Main FastMCP server exposing CodeQL tools |
codeqlclient.py |
CodeQLQueryServer implementation (JSON-RPC handler) |
Requirements
Install with uv:
uv pip install -r requirements.txt
or with pip:
pip install fastmcp httpx
Running the MCP Server
uv run mcp run server.py -t sse
- Starts the server at http://localhost:8000/sse
- Required for Cursor or AI agent use
Cursor Config
Make sure your .cusor/config.json contains:
{
"mcpServers": {
"CodeQL": {
"url": "http://localhost:8000/sse"
}
}
}
Notes
- Tools like Cursor will invoke these commands directly via natural language.
- You must have a codeql binary in your $PATH, or hardcode its path in codeqlclient.py.
- You should probably specify query locations, query write locations and database paths in your prompts.
相关推荐
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Emulating Dr. Jordan B. Peterson's style in providing life advice and insights.
Your go-to expert in the Rust ecosystem, specializing in precise code interpretation, up-to-date crate version checking, and in-depth source code analysis. I offer accurate, context-aware insights for all your Rust programming questions.
Advanced software engineer GPT that excels through nailing the basics.
Converts Figma frames into front-end code for various mobile frameworks.
Take an adjectivised noun, and create images making it progressively more adjective!
Discover the most comprehensive and up-to-date collection of MCP servers in the market. This repository serves as a centralized hub, offering an extensive catalog of open-source and proprietary MCP servers, complete with features, documentation links, and contributors.
The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, No-code agent builder, MCP compatibility, and more.
Micropython I2C-based manipulation of the MCP series GPIO expander, derived from Adafruit_MCP230xx
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
🧑🚀 全世界最好的LLM资料总结(Agent框架、辅助编程、数据处理、模型训练、模型推理、o1 模型、MCP、小语言模型、视觉语言模型) | Summary of the world's best LLM resources.
Dify is an open-source LLM app development platform. Dify's intuitive interface combines AI workflow, RAG pipeline, agent capabilities, model management, observability features and more, letting you quickly go from prototype to production.
Reviews
3
(1)
user_wdh0vHTP
2025-04-17
As a dedicated user of codeql-mcp, I must say this tool is an absolute game-changer in code analysis. Developed by JordyZomer, it offers robust functionality for identifying vulnerabilities and improving code quality. The integration with CodeQL is seamless, making it an essential tool for any developer serious about security. Highly recommend checking it out!