https://github.com/jordyzomer/codeql-mcp

This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structured commands.
https://github.com/jordyzomer/codeql-mcp

Last synced: 3 months ago
JSON representation

This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structured commands.

• Host: GitHub
• URL: https://github.com/jordyzomer/codeql-mcp
• Owner: JordyZomer
• Created: 2025-03-30T20:32:15.000Z (6 months ago)
• Default Branch: main
• Last Pushed: 2025-03-30T20:35:17.000Z (6 months ago)
• Last Synced: 2025-06-29T11:11:34.017Z (3 months ago)
• Language: Python
• Size: 3.91 KB
• Stars: 92
• Watchers: 1
• Forks: 13
• Open Issues: 3
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-mcp-servers - Codeql - Bridges to the CodeQL static analysis engine through an MCP server, allowing for identification of security vulnerabilities and quality issues via structured queries. A prominent MCP server for code analysis. ([Read more](/details/codeql.md)) `mcp` `code-analysis` `security` `quality-assurance` (Repository & Code Analysis MCP Servers)

README

          
# CodeQL MCP Server

This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structured commands and doc search.

---

##  Features

- ✅ Register CodeQL databases  

- ✅ Run full queries or quick-evaluate a symbol  

- ✅ Decode `.bqrs` files into JSON  

- ✅ Locate predicate/class symbol positions  

---

##  File Structure

| File              | Purpose                                             |

|-------------------|-----------------------------------------------------|

| `server.py`       | Main FastMCP server exposing CodeQL tools           |

| `codeqlclient.py` | CodeQLQueryServer implementation (JSON-RPC handler) |

---

##  Requirements

Install with [`uv`](https://github.com/astral-sh/uv):

```bash

uv pip install -r requirements.txt

```

or with `pip`:

```bash

pip install fastmcp httpx

```

## Running the MCP Server

```bash

uv run mcp run server.py -t sse

```

- Starts the server at http://localhost:8000/sse

- Required for Cursor or AI agent use

## Cursor Config

Make sure your `.cusor/config.json` contains:

```

{

  "mcpServers": {

    "CodeQL": {

      "url": "http://localhost:8000/sse"

    }

  }

}

```

## Notes

- Tools like Cursor will invoke these commands directly via natural language.

- You must have a codeql binary in your $PATH, or hardcode its path in codeqlclient.py.

- You should probably specify query locations, query write locations and database paths in your prompts.