semgrep/semgrep
claude-code
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Our Verdict
Semgrep is a lightweight static analysis tool for many languages that finds bug variants using patterns resembling source code. It is best for developers and teams adding security checks to CI/CD pipelines. It differentiates itself with code-like rules, as opposed to the regex or abstract queries in tools like CodeQL.
Frequently Asked Questions
What is Semgrep used for?
Semgrep is used for lightweight static analysis across many languages to detect bug variants. It employs patterns that resemble source code for precise, easy-to-write rules.
What is semgrep?
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
How do I install semgrep?
Visit the GitHub repository at https://github.com/semgrep/mcp-marketplace for installation instructions.
What license does semgrep use?
semgrep uses the Proprietary license.
What are alternatives to semgrep?
Search My AI Guide for similar tools in this category.
Open source & community-verified
Proprietary licensed: free to use in any project, no strings attached. 15,381 developers have starred this, meaning the community has reviewed and trusted it.
Reviewed by My AI Guide for relevance, quality, and active maintenance before listing.
Install in Claude Code:
/install semgrep