{"id":50156494,"url":"https://github.com/BlockSecCA/joern-mcp","last_synced_at":"2026-06-10T04:00:54.941Z","repository":{"id":346172007,"uuid":"1167786383","full_name":"BlockSecCA/joern-mcp","owner":"BlockSecCA","description":"MCP server wrapping Joern for AI-driven code security analysis","archived":false,"fork":false,"pushed_at":"2026-03-22T15:57:32.000Z","size":90,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-23T06:54:51.818Z","etag":null,"topics":["code-security","cpg","joern","mcp","static-analysis","typescript"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BlockSecCA.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-26T17:22:40.000Z","updated_at":"2026-03-22T15:58:28.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/BlockSecCA/joern-mcp","commit_stats":null,"previous_names":["blocksecca/joern-mcp"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/BlockSecCA/joern-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BlockSecCA%2Fjoern-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BlockSecCA%2Fjoern-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BlockSecCA%2Fjoern-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BlockSecCA%2Fjoern-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BlockSecCA","download_url":"https://codeload.github.com/BlockSecCA/joern-mcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BlockSecCA%2Fjoern-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34136112,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-10T02:00:07.152Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-security","cpg","joern","mcp","static-analysis","typescript"],"created_at":"2026-05-24T12:00:43.448Z","updated_at":"2026-06-10T04:00:54.935Z","avatar_url":"https://github.com/BlockSecCA.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# joern-mcp\n\n[![Version](https://img.shields.io/badge/version-0.1.0-blue)](https://github.com/BlockSecCA/joern-mcp/releases) [![License](https://img.shields.io/github/license/BlockSecCA/joern-mcp)](LICENSE) [![TypeScript](https://img.shields.io/badge/TypeScript-strict-3178C6?logo=typescript\u0026logoColor=white)](https://www.typescriptlang.org/) [![MCP](https://img.shields.io/badge/MCP-Model_Context_Protocol-7c3aed?logo=data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0IiBmaWxsPSJ3aGl0ZSI+PGNpcmNsZSBjeD0iMTIiIGN5PSIxMiIgcj0iMTAiLz48L3N2Zz4=)](https://modelcontextprotocol.io/) [![Joern](https://img.shields.io/badge/Joern-CPG_Analysis-e34c26)](https://joern.io/)\n\nMCP server that wraps a local [Joern](https://joern.io) instance for AI-driven code security analysis. Gives Claude Code the ability to import codebases, query the Code Property Graph (CPG), trace data flows, and detect vulnerabilities.\n\n## Architecture\n\n```\nClaude Code  \u003c--stdio--\u003e  joern-mcp (TypeScript)  \u003c--HTTP--\u003e  Joern server (JVM)\n```\n\njoern-mcp is the bridge. It translates MCP tool calls into CPGQL queries sent to Joern's `/query-sync` HTTP endpoint.\n\n## Prerequisites\n\n- **Node.js** 18+\n- **Joern** installed and on PATH ([install guide](https://docs.joern.io/installation))\n\nTested with Joern v4.x. The HTTP API has been stable since mid-2023.\n\n## Install\n\n```bash\nbun install\nbun run build\n```\n\n## Register with Claude Code\n\n```bash\nclaude mcp add joern-mcp -- node /path/to/joern-mcp/dist/index.js\n```\n\n## Usage\n\n1. Start Joern server: `joern --server`\n2. In a Claude Code session, use the tools:\n\n```\n# Import a codebase (one-time, builds the CPG)\nimport_code(\"/path/to/repo\", \"my-project\")\n\n# Scan for vulnerabilities\nfind_vulnerabilities()\n\n# Trace data flow from source to sink\ntaint_analysis({ source: \"method.name(\\\"gets\\\").parameter\", sink: \"method.name(\\\"strcpy\\\").parameter\" })\n\n# Run any CPGQL query\nquery(\"cpg.method.name.l\")\n```\n\n## Configuration\n\n| Environment Variable | Default | Purpose |\n|---------------------|---------|---------|\n| `JOERN_HOST` | `localhost` | Joern server hostname |\n| `JOERN_PORT` | `8080` | Joern server port |\n| `JOERN_QUERY_TIMEOUT` | `30000` | Query timeout in ms |\n| `JOERN_IMPORT_TIMEOUT` | `300000` | Import/analysis timeout in ms |\n\n## Tools\n\n### Workspace Management\n| Tool | Description |\n|------|-------------|\n| `import_code` | Import a codebase into Joern (builds CPG) |\n| `list_projects` | List all projects in the workspace |\n| `switch_project` | Set the active project |\n| `close_project` | Unload a CPG from memory |\n\n### Querying\n| Tool | Description |\n|------|-------------|\n| `query` | Run arbitrary CPGQL against the active CPG |\n| `get_methods` | List methods (optional name filter) |\n| `get_calls` | Find call sites (optional method filter) |\n| `get_types` | List types/classes (optional name filter) |\n\n### Security Analysis\n| Tool | Description |\n|------|-------------|\n| `find_vulnerabilities` | Run default vulnerability detection |\n| `taint_analysis` | Trace data flow from source to sink |\n| `reachable_by` | Check if sink is reachable from source |\n| `get_data_flows` | Get all data flow paths between two points |\n\n### Navigation\n| Tool | Description |\n|------|-------------|\n| `get_source` | Read source code of a method |\n| `get_callers` | Find all callers of a method |\n| `get_callees` | Find all methods called by a method |\n| `get_parameters` | Get parameter types and names |\n\n## Claude Code Skill\n\nThe repo includes a Claude Code skill at `.claude/skills/joern-analysis/SKILL.md` that guides the full security analysis workflow — from importing code through vulnerability scanning to data flow tracing.\n\nTo make it available globally, symlink it:\n\n```bash\nln -s /path/to/joern-mcp/.claude/skills/joern-analysis ~/.claude/skills/joern-analysis\n```\n\nThen invoke it in any Claude Code session with `/joern-analysis`. The skill walks through the standard workflow:\n\n1. **Connect and import** — verify Joern is up, build the CPG\n2. **Explore** — list methods, types, call sites\n3. **Navigate** — trace callers/callees, class hierarchies\n4. **Analyze** — run vulnerability scans, taint analysis, data flow tracing\n5. **Raw queries** — arbitrary CPGQL for anything the structured tools don't cover\n\n## Development\n\n```bash\nbun run build          # Compile TypeScript\nbun run dev            # Watch mode\nbun run test           # Run unit + integration tests (no Joern needed)\nbun run test:watch     # Watch mode for tests\n\n# Smoke tests (requires running Joern server)\nJOERN_SMOKE=1 bun run test tests/smoke.test.ts\n```\n\n### Testing strategy\n\n- **Parsers** — Pure function tests for ANSI stripping and Scala REPL output parsing\n- **CPGQL templates** — String construction tests\n- **HTTP client** — Mocked `fetch`, covers all error paths\n- **MCP integration** — Full round-trip via `InMemoryTransport` (no Joern, no stdio)\n- **Smoke tests** — Real Joern, skipped unless `JOERN_SMOKE=1`\n\n## Joern Compatibility\n\nThe HTTP API (`/query-sync`) is implemented by `scala-repl-pp` and has been stable since mid-2023. CPGQL query syntax can change in any Joern nightly release — all query templates are centralized in `src/cpgql.ts` for easy audit on upgrades.\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBlockSecCA%2Fjoern-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBlockSecCA%2Fjoern-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBlockSecCA%2Fjoern-mcp/lists"}