// MCP TOOL REFERENCE

SEMGREP TOOLS

8 tools from the Semgrep MCP Server, categorised by risk level.

View the Semgrep policy →

READ TOOLS

7
get_abstract_syntax_tree Output the Abstract Syntax Tree of code 2/5 security_check Scan code for security vulnerabilities 2/5 semgrep_findings Fetch findings from Semgrep AppSec Platform 2/5 semgrep_rule_schema Fetch the latest Semgrep rule JSON Schema 2/5 semgrep_scan Scan code files with a given config string 2/5 semgrep_scan_with_custom_rule Scan code using a custom Semgrep rule 2/5 supported_languages List languages Semgrep supports 2/5

WRITE TOOLS

1
write_custom_semgrep_rule Create a custom Semgrep scanning rule 3/5
// FAQ
How many tools does the Semgrep MCP server have? +

The Semgrep MCP server exposes 8 tools across 2 categories: Read, Write.

How do I enforce policies on Semgrep tools? +

Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Semgrep server.

What risk categories do Semgrep tools fall into? +

Semgrep tools are categorised as Read (7), Write (1). Each category has a recommended default policy.

Enforce policies on Semgrep

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.