Axivion MISRA C:2012 Compliance Agent
An MCP server that integrates with GitHub Copilot to analyze Axivion static-analysis reports and provide MISRA C:2012 compliance assistance. It offers deep rule explanations, rationale, and confidence-scored fix suggestions for identified code violations.
README
Axivion MISRA C:2012 Compliance Agent — MCP Server
An MCP (Model Context Protocol) server that turns GitHub Copilot into a MISRA C:2012 compliance assistant. It loads Axivion static-analysis reports, performs cross-file AST analysis using tree-sitter, explains violations with full rule rationale, and proposes concrete, confidence-scored fixes — all within your editor.
Disclaimer: The MISRA rule knowledge in this tool is derived from publicly available summaries and documentation. It is not a substitute for the official MISRA C:2012 standard. For authoritative rule text, consult your licensed copy.
Features
| Capability | Description |
|---|---|
| Preprocessor Support | Handles macro expansion and conditional compilation (#ifdef) before analysis, ensuring accurate symbol resolution and dead code elimination |
| Report parsing | Auto-detects multiple Axivion JSON formats (issues, findings, warnings, results, bare arrays) |
| Cross-file AST analysis | tree-sitter-powered workspace indexing: include graph, symbol table, call graph, typedef registry |
| Rule knowledge base | 29 MISRA C:2012 rules (2.x, 8.x, 10.x) with rationale, compliant/non-compliant examples, and fix strategies |
| AST-informed fix engine | Structural analysis (parameter usage, pointer writes, scope, reachability) for precise fixes |
| Confidence scoring | Each fix suggestion is rated HIGH / MEDIUM / LOW based on AST evidence depth |
| Cross-file impact | Side-effect warnings showing which files and callers are affected by a change |
| Windows compatible | POSIX-normalised path handling with case-insensitive matching for Windows filesystems |
Architecture
┌──────────────────────────────────────────────────────┐
│ GitHub Copilot │
│ (MCP Client / LLM Host) │
└──────────────┬───────────────────────────────────────┘
│ stdio (JSON-RPC)
┌──────────────▼───────────────────────────────────────┐
│ fastmcp_server.py (6 tools) │
│ ┌──────────┐ ┌──────────┐ ┌──────────────────────┐ │
│ │load_report│ │list_viols│ │ analyze_violation │ │
│ └──────────┘ └──────────┘ └──────────────────────┘ │
│ ┌────────────┐ ┌────────────┐ ┌──────────────────┐ │
│ │explain_rule│ │propose_fix │ │cross_file_impact │ │
│ └────────────┘ └────────────┘ └──────────────────┘ │
├──────────────────────────────────────────────────────┤
│ core/ │
│ ├── axivion_parser.py JSON → violations │
│ ├── context_provider.py code context retrieval │
│ ├── c_analyzer.py tree-sitter AST analysis │
│ ├── workspace_index.py cross-file index engine │
│ ├── misra_knowledge_base.py 29 rules with examples │
│ └── fix_engine.py AST-informed fixes │
└──────────────────────────────────────────────────────┘
Cross-File Analysis Pipeline
When load_report is called, the server builds a WorkspaceIndex that scans all .c and .h files:
workspace_root/
├── *.c, *.h files
│
▼
┌─────────────┐ ┌─────────────┐ ┌───────────┐ ┌──────────────┐
│IncludeGraph │ │SymbolTable │ │ CallGraph │ │TypeRegistry │
│ │ │ │ │ │ │ │
│#include │ │declarations │ │caller → │ │typedef chain │
│resolution + │ │definitions │ │callee │ │resolution │
│transitive │ │linkage info │ │mapping │ │ │
│closure │ │per file │ │ │ │ │
└─────────────┘ └─────────────┘ └───────────┘ └──────────────┘
This enables 15+ MISRA rules that require cross-translation-unit context (8.3, 8.4, 8.5, 8.6, 8.8, 8.13, etc.).
Prerequisites
- Python 3.10+ (required by the
mcpSDK) - VS Code with GitHub Copilot extension
- An Axivion JSON report (or use the included mock reports for testing)
Setup
# 1. Clone
git clone https://github.com/varunjain-byte/MISRA-MCP.git
cd MISRA-MCP
# 2. Create virtual environment
python3.10 -m venv venv
source venv/bin/activate # macOS / Linux
# venv\Scripts\activate # Windows
# 3. Install dependencies
pip install -r requirements.txt
VS Code Configuration
Add the following to your VS Code settings.json (User or Workspace):
{
"mcpServers": {
"axivion-misra": {
"command": "/absolute/path/to/venv/bin/python",
"args": [
"/absolute/path/to/fastmcp_server.py"
],
"env": {}
}
}
}
Windows: use
venv\\Scripts\\python.exefor the command path.
MCP Tools
1. load_report
Loads an Axivion JSON report, normalises file paths against the workspace, and builds the cross-file index.
load_report(report_path="/path/to/report.json", workspace_root="/path/to/source")
→ "Successfully loaded report. Found 55 violations.
Workspace indexed: 12 .c files, 8 .h files, 94 symbols, 37 call sites."
2. list_violations
Lists all violations in a specific file, with rule titles.
list_violations(file_path="src/module.c")
→ **15 violations in src/module.c:**
- [MisraC2012-8.10] Line 92 (medium): Inline without static
*Inline function shall be declared static*
...
3. analyze_violation
Deep analysis: code context + AST findings + rule explanation + fix suggestion in one call.
analyze_violation(rule_id="MisraC2012-8.10", file_path="src/module.c")
→ Violation Analysis table
+ 30-line code snippet
+ Full rule explanation (rationale, examples)
+ AST-informed fix suggestion with confidence score
+ Cross-file impact warnings
4. explain_rule
Full MISRA rule reference: title, category, rationale, compliant/non-compliant examples, and fix strategy.
explain_rule(rule_id="MisraC2012-10.3")
→ ## MisraC2012-10.3 — Assignment to narrower or different essential type
**Category**: Required
### Rationale ...
### Non-Compliant Example ...
### Compliant Example ...
### How to Fix ...
5. propose_fix
AST-informed fix with structural evidence, before/after code, and side-effect warnings.
propose_fix(rule_id="MisraC2012-8.10", file_path="src/module.c", line_number=92)
→ ### Fix Suggestion — MisraC2012-8.10
**Confidence**: HIGH
#### Before: inline int square(int x) { ... }
#### After: static inline int square(int x) { ... }
#### ⚠ Potential Side Effects: ...
6. cross_file_impact
Shows which files are affected by changing a symbol — declarations, definitions, and callers across the project.
cross_file_impact(symbol_name="compute_sum")
→ ### Cross-File Impact: compute_sum
**Declarations**: utils.h:5
**Definitions**: utils.c:12
**Callers**: main.c:25, test_runner.c:40
**Files affected**: 4
7. coverage_report
Generates a summary of all active MISRA rules.
coverage_report()
→ # MISRA C:2012 Coverage Report
**Total Rules Supported**: 160
...
Supported Axivion JSON Formats
The parser auto-detects these structures:
// Format 1: {"issues": [...]}
{"issues": [{"ruleId": "...", "location": {"path": "...", "startLine": 10}, ...}]}
// Format 2: {"findings": [...]}
{"findings": [{"rule": "...", "file": "...", "line": 10, ...}]}
// Format 3: Top-level array
[{"ruleId": "...", "location": {"path": "...", "startLine": 10}, ...}]
Each issue can use various key names — the parser normalises them:
- Rule ID:
ruleId,rule_id,rule,checkId,errorNumber - File path:
location.path,location.file,file,path - Line number:
location.startLine,location.line,line,startLine - Severity:
severity,priority,level
MISRA Rules Covered
The agent now supports 160+ rules across all major MISRA C:2012 sections.
| Section | Topic | Supported Rules |
|---|---|---|
| 2.x | Unused Code | 2.1 – 2.7 (All) |
| 5.x | Identifiers | 5.1 – 5.9 |
| 6.x | Types | 6.1 – 6.2 |
| 7.x | Literals | 7.1 – 7.4 |
| 8.x | Declarations | 8.1 – 8.14 (All) |
| 9.x | Initialization | 9.1 – 9.5 |
| 10.x | Essential Types | 10.1 – 10.8 (All) |
| 11.x | Pointer Casting | 11.1 – 11.9 |
| 12.x | Expressions | 12.1 – 12.4 |
| 13.x | Side Effects | 13.1 – 13.6 |
| 14.x | Control Flow | 14.1 – 14.4 |
| 15.x | Control Flow | 15.1 – 15.7 |
| 16.x | Switch | 16.1 – 16.7 |
| 17.x | Functions | 17.1 – 17.8 |
| 18.x | Pointers | 18.1 – 18.8 |
| 19.x | Overlapping | 19.1, 19.2 |
| 20.x | Preprocessor | 20.1 – 20.14 |
| 21.x | Stdlib | 21.1 – 21.21 |
| 22.x | Resources | 22.1 – 22.10 |
Run the coverage_report tool to see the full list of enabled rules.
Known Limitations
Preprocessor
| Limitation | Detail |
|---|---|
| Macro debugging | Violations in macros are analyzed by parsing the macro body as an expression. Complex multi-line macros may still require manual verification of the expanded code. |
| Partial Config | The preprocessor uses a default configuration. Project-specific defines must be inferred or passed via include_dirs. |
Cross-File Analysis
| Limitation | Detail |
|---|---|
| No linker-level analysis | The symbol table is built from AST parsing, not from object files. Symbols introduced by the linker or via weak symbols are not visible. |
| Include path resolution | Only #include "..." (relative to current file) and workspace-root includes are resolved. System headers (<stdio.h>) and external library headers are skipped. Custom include paths can be passed via include_dirs parameter. |
| Typedef depth | Typedef chains are resolved iteratively up to a reasonable depth, but deeply nested or recursive typedefs through macros may not fully resolve. |
| Call graph scope | Call sites are identified syntactically (function call expressions in AST). Indirect calls via function pointers are not tracked. |
Parser & Language Support
| Limitation | Detail |
|---|---|
| C only | Supports C89/C99/C11 syntax via tree-sitter-c. C++ features (templates, namespaces, overloading) are not supported. |
| tree-sitter edge cases | Very unusual C constructs (K&R function definitions, computed goto, GCC statement expressions) may not parse identically to a full compiler. |
| Binary files | Files containing null bytes in the first 8 KB are skipped as binary. |
| Large files | Context provider caps file reads at 100,000 lines. |
Fix Engine
| Limitation | Detail |
|---|---|
| Guidance, not auto-fix | The engine provides fix suggestions and structural evidence; it does not automatically modify source files. The LLM (Copilot) generates the actual code change. |
| Rule coverage | Detailed AST-informed analysis is implemented for rules 2.1, 2.7, 8.3–8.14, 10.3. Other rules in the knowledge base use text-based heuristics. |
| No build integration | The tool does not compile the code or invoke a build system. It cannot verify that a proposed fix compiles cleanly. |
Platform
| Limitation | Detail |
|---|---|
| Path normalisation | All internal paths are normalised to POSIX forward slashes. Edge cases with UNC paths (\\\\server\\share) or very long Windows paths (>260 chars) are untested. |
| Encoding | Source files are read as UTF-8 with errors="replace". Non-UTF-8 files will have garbled characters but will not crash. |
Running Tests
source venv/bin/activate
# Unit + integration tests
python -m unittest discover tests -v
# Legacy logic tests
python tests/test_logic.py
The test suite validates:
- Axivion parser loads 55 violations across 29 rules
- Knowledge base has complete entries for all 29 rules
- Fix engine produces suggestions for every violation
- Cross-file analysis (46 tests): workspace indexing, include graph, symbol table, call graph, type registry, and rule-specific checks (8.3, 8.4, 8.5, 8.6, 8.8, 8.13)
Project Structure
MISRA-MCP/
├── fastmcp_server.py # MCP server entry point (6 tools)
├── requirements.txt # Python dependencies
├── README.md
├── LICENSE # MIT
├── .gitignore
├── core/
│ ├── __init__.py
│ ├── axivion_parser.py # Multi-format JSON parser + path normalisation
│ ├── context_provider.py # Code context + function extraction
│ ├── c_analyzer.py # tree-sitter AST analysis (single-file)
│ ├── workspace_index.py # Cross-file index (IncludeGraph, SymbolTable,
│ │ # CallGraph, TypeRegistry)
│ ├── misra_knowledge_base.py # 29 MISRA rules with examples
│ └── fix_engine.py # AST-informed fix suggestions
└── tests/
├── __init__.py
├── test_logic.py # Unit + integration tests
├── test_cross_file.py # Cross-file analysis tests (46 tests)
├── mock_report.json # 55-violation sample report
├── mock_code.c # Basic C mock
├── mock_code_rule2x.c # Rule 2.x edge cases
├── mock_code_rule8x.c # Rule 8.x edge cases
├── mock_code_rule10x.c # Rule 10.x edge cases
└── mock_project/ # Multi-file mock for cross-file tests
├── config.h
├── utils.h
├── utils.c
├── main.c
└── other.c
License
MIT — see LICENSE.
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。
mcp-server-qdrant
这个仓库展示了如何为向量搜索引擎 Qdrant 创建一个 MCP (Managed Control Plane) 服务器的示例。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。