// MCP TOOL REFERENCE
Low Risk

corn_code_search

Search the codebase for architecture concepts, execution flows, and file matches using hybrid vector/AST search. Supply projectId to scope to a specific project.

How to control corn_code_search ↓

WHAT CORN_CODE_SEARCH ON CORNMCP DOES

AI agents call corn_code_search to retrieve information from CornMCP without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.

THE RISK

Low Risk

corn_code_search is a read-only tool that searches and retrieves information from a codebase. It enables queries across architecture concepts, execution flows, and file matches but does not create, modify, delete, or execute any code. The scope parameter allows filtering by project but does not enable destructive or mutative operations.

From the tool's definition Tool performs 'search' and 'matches' operations on codebase using 'hybrid vector/AST search' with no mention of modifications, deletions, or side effects. Description explicitly indicates retrieval/query behavior.

Documented attack patterns abuse exactly the kind of access corn_code_search gives an agent:

HOW TO CONTROL CORN_CODE_SEARCH

PolicyLayer is an MCP gateway — it sits between your AI agents and CornMCP, and nothing reaches the server without passing your rules. This is the rule we recommend for corn_code_search:

policy.json 
{
  "version": "1",
  "default": "deny",
  "tools": {
    "corn_code_search": {}
  }
}

corn_code_search is read-only, so it stays allowed — but everything else on the server is denied unless you say otherwise.

  1. Create a free account and register CornMCP — nothing to install.
  2. Add this policy — paste it, or build it visually.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
CAP THIS TOOL →

Free to start. No card required.

EXPLORE

More CornMCP tools

Execute corn_cypher Run Cypher queries against the code knowledge graph. Supports MATCH, RETURN, WHERE, ORDER Write corn_quality_report Submit a quality report with 4-dimension scoring (Build, Regression, Standards, Traceabili Write corn_session_start Start a new work session. Call this at the beginning of a task to enable session tracking, Write corn_knowledge_store Store a knowledge item in the shared knowledge base. Use for bug fixes, patterns, decision Write corn_memory_store Store a memory for later recall. Agents remember across sessions. Include project and bran Write corn_session_end End the current work session. Provide a summary of changes and decisions for handoff. Read corn_changes Check for recent code changes pushed by other agents/team members. Returns unseen commits Read corn_code_context Get a 360° view of a code symbol: its methods, callers, callees, and related execution flo

All 18 CornMCP tools →

Read tools on other servers

Frida Game Hacking MCP check_installation Procmon analyze_pe MegaMemory get_concept WireMCP analyze_pcap

Go deeper

FAQ

What does the corn_code_search tool do? +

Search the codebase for architecture concepts, execution flows, and file matches using hybrid vector/AST search. Supply projectId to scope to a specific project. It is categorised as a Read tool in the CornMCP MCP Server, which means it retrieves data without modifying state.

How do I enforce a policy on corn_code_search? +

Register the Corn MCP server in PolicyLayer and add a rule for corn_code_search: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches CornMCP. Nothing to install.

What risk level is corn_code_search? +

corn_code_search is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Can I rate-limit corn_code_search? +

Yes. Add a rate_limit block to the corn_code_search rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block corn_code_search completely? +

Set action: deny in the PolicyLayer policy for corn_code_search. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides corn_code_search? +

corn_code_search is provided by the Corn MCP server (yuki-20/cornmcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every CornMCP tool call.

Deterministic rules across all 18 CornMCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

GOVERN CORNMCP →

Free to start. No card required.

18 CornMCP tools catalogued and risk-classified — across an index of 42,500+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.