// MCP TOOL REFERENCE

CODE AUDITOR TOOLS

39 tools from the Code Auditor MCP Server, categorised by risk level.

View the Code Auditor policy →
// ALL 39 CODE AUDITOR TOOLS
READ 30 tools
Read analyze_schema_usage Analyze how database tables are used in the codebase Read audit Fetch paginated results for a completed audit by resultId (or auditId alias). This tool never starts a new ... Read audit_dashboard Generates an interactive dashboard with detailed audit findings, code maps, and remediation options. Read audit_health Quick health check of a codebase with key metrics Read audit_results Fetch paginated violations for a completed audit result by resultId. Read audit_status Get current status for a previously started background audit job. Returns resultId when completed. Read code_map_viewer Generates an interactive, navigable code map with file structure, complexity analysis, and documentation co... Read CodeIndexCustomization Local code index for AWS Q Read data-access Analyzes database access patterns and data layer interactions Read definition Find definition Read documentation Analyzes documentation quality across the codebase Read dry Detects code duplication across the codebase Read find_definition Find the exact definition of a specific function Read find_table_usage Find all functions that interact with a specific database table Read find-definition Find symbol definition Read get_analyzer_config Get current configuration for an analyzer Read get_code_map_section Retrieve a specific section of a previously generated code map Read get_schemas List all loaded database schemas with their metadata Read get_workflow_guide Get recommended workflows and best practices for using code auditor tools effectively Read index Index files Read list_code_map_sections List all available sections for a code map Read schema Analyzes code against database schemas Read search Search codebase Read search_code Search indexed functions and React components with natural language queries. Supports operators: entity:com... Read search_schema Search for tables, columns, or relationships in loaded schemas Read search-symbol Search for a symbol in the codebase Read solid Detects violations of SOLID principles Read validate_schema_consistency Validate schema consistency and find potential issues Read whitelist_detect Detect potential whitelist candidates from package.json and usage patterns Read whitelist_get Get current whitelist entries for dependency and class instantiation checks
WRITE 5 tools
Write generate_ai_config Generate configuration files for AI coding assistants Write generate_schema_discovery_sql Generate SQL queries for LLMs to extract database schema information automatically Write set_analyzer_config Set or update analyzer configuration that persists across audit runs Write whitelist_add Add a new entry to the whitelist Write whitelist_update_status Update the status of a whitelist entry
DESTRUCTIVE 3 tools
Destructive project_tasks Manage a persistent per-project task queue. Tasks and analyzer configs survive sync_index reset; reset clea... Destructive reset_analyzer_config Reset analyzer configuration to defaults Destructive sync_index Synchronize, cleanup, or reset analysis-derived data (indexed functions, cached audits, code maps, schema o...
EXECUTE 1 tools
Execute start_audit Start a background audit job. Returns immediately with a jobId. Poll audit_status until completed, then fet...
// RUNNING THIS SERVER

The managed route: connect Code Auditor through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y code-auditor-mcp
// FAQ
How many tools does the Code Auditor MCP server have? +

The Code Auditor MCP server exposes 39 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on Code Auditor tools? +

Route the Code Auditor server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do Code Auditor tools fall into? +

Code Auditor tools are categorised as Read (30), Write (5), Destructive (3), Execute (1). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.