MCP 服务器

Joern MCP Server

Enables AI assistants to perform sophisticated static code analysis using Joern's Code Property Graph technology. Supports multi-language analysis, security vulnerability detection, and code quality assessment through isolated Docker environments.

README

🕷️ joern-mcp

A production-ready Model Context Protocol (MCP) server that provides AI assistants with static code analysis capabilities using Joern's Code Property Graph (CPG) technology.

Overview

The Joern MCP Server enables AI coding assistants to perform sophisticated static code analysis by leveraging Joern's powerful CPG-based analysis in isolated Docker environments. It implements the Model Context Protocol standard, making it compatible with various AI assistants and development environments.

Features

Static Code Analysis: Deep code analysis using Joern's CPG technology
Multi-Language Support: C/C++, Java, JavaScript/TypeScript, Python, Go, Kotlin, Scala, C#
Isolated Execution: All analysis runs in secure Docker containers
Intelligent Caching: Efficient CPG caching with configurable TTL
GitHub Integration: Direct analysis of GitHub repositories
Production Ready: Comprehensive error handling, logging, and monitoring
MCP Compliance: Full Model Context Protocol implementation

Quick Start

Prerequisites

Python 3.8+
Docker
Git

Installation

Clone the repository:

git clone https://github.com/Lekssays/joern-mcp.git
cd joern-mcp

Install dependencies:
```
pip install -r requirements.txt
```

Build Joern Docker image:

# Option 1: Use the build script (recommended)
./build.sh

# Option 2: Build manually
docker build -t joern:latest .

Running the Server

Validate setup first:

python validate.py

Basic usage:

python main.py

With configuration file:

python main.py config.yml

Using environment variables:

export JOERN_DOCKER_IMAGE=joern:latest
export JOERN_CACHE_DIR=/tmp/joern_cache
export GITHUB_TOKEN=your_token_here
python main.py

Note: The joern:latest image is built locally using the included Dockerfile, not pulled from a registry.

Configuration

Create a config.yml file for custom configuration:

docker:
  image: "joern:latest"
  cpu_limit: "2"
  memory_limit: "4g"
  timeout: 300
  network_mode: "none"

cache:
  enabled: true
  max_size_gb: 10
  ttl_hours: 24
  directory: "/tmp/joern_cache"

max_concurrent_analyses: 3
github_token: "your_github_token"  # Optional, for private repos
log_level: "INFO"

Environment Variables

Variable	Description	Default
`JOERN_DOCKER_IMAGE`	Joern Docker image	`joern:latest`
`JOERN_CPU_LIMIT`	CPU limit for containers	`2`
`JOERN_MEMORY_LIMIT`	Memory limit for containers	`4g`
`JOERN_TIMEOUT`	Container timeout (seconds)	`300`
`JOERN_CACHE_ENABLED`	Enable CPG caching	`true`
`JOERN_CACHE_SIZE_GB`	Cache size limit (GB)	`10`
`JOERN_CACHE_DIR`	Cache directory	`/tmp/joern_cache`
`GITHUB_TOKEN`	GitHub access token	-
`JOERN_LOG_LEVEL`	Logging level	`INFO`

Usage with AI Assistants

VS Code with GitHub Copilot

Add to VS Code settings.json:

{
	"servers": {
		"joern-mcp": {
			"type": "stdio",
			"command": "python",
			"args": [
				"/path/to/joern-mcp/main.py"
			]
		}
	},
	"inputs": []
}

Claude Desktop

Configure in Claude Desktop settings:

{
  "mcp": {
    "servers": [{
      "name": "joern-mcp",
      "command": ["python", "main.py"],
      "workingDirectory": "/path/to/joern-mcp"
    }]
  }
}

Available Tools

Core Tools

load_project: Load code from GitHub URL or local path
generate_cpg: Generate Code Property Graph for analysis
run_query: Execute Joern queries against the CPG
list_projects: List all loaded projects
project_info: Get detailed project information
cleanup_project: Clean up project resources

Pre-built Queries

list_queries: Access security, quality, and metrics queries

Security Queries

SQL injection detection
XSS sink identification
Hardcoded secrets discovery
Unsafe deserialization patterns

Quality Queries

Complex methods detection
Long methods identification
Duplicate code analysis
Unused variables discovery

Metrics Queries

Total methods/classes/files count
Average cyclomatic complexity

Example Usage

Load and Analyze a Project

# Example MCP client interaction
{
  "tool": "load_project",
  "arguments": {
    "source": "https://github.com/user/repo",
    "branch": "main"
  }
}

{
  "tool": "generate_cpg",
  "arguments": {
    "project_id": "abc12345"
  }
}

{
  "tool": "run_query",
  "arguments": {
    "project_id": "abc12345",
    "query": "cpg.method.filter(_.cyclomaticComplexity > 10)"
  }
}

Common Queries

Find all functions:

cpg.method.l

Find function calls:

cpg.call.l

Security analysis:

cpg.call.name(".*exec.*").code

Complex methods:

cpg.method.filter(_.cyclomaticComplexity > 10)

Development

Project Structure

joern-mcp/
├── src/
│   ├── __init__.py
│   ├── server.py          # Main server implementation
│   ├── models.py          # Data models and exceptions
│   ├── utils.py           # Utility functions
│   └── config.py          # Configuration management
├── tests/
│   ├── conftest.py        # Test configuration
│   ├── test_server.py     # Server integration tests
│   ├── test_models.py     # Model unit tests
│   └── test_utils.py      # Utility function tests
├── examples/
│   └── sample.c           # Sample code for testing
├── main.py                # Entry point
├── test_client.py         # Simple test client
├── validate.py            # Setup validation script
├── requirements.txt       # Dependencies
├── Dockerfile             # Joern Docker image
├── build.sh              # Docker build script
└── README.md

Running Tests

Run all tests:

pytest

Run with coverage:

pytest --cov=src --cov-report=html

Run integration tests (requires Docker):

pytest -m integration

Run specific test file:

pytest tests/test_server.py

Code Quality

Format code:

black src/ tests/
isort src/ tests/

Lint code:

flake8 src/ tests/
mypy src/

Troubleshooting

Common Issues

Docker connection error:

Ensure Docker is running
Check Docker daemon accessibility
Verify user permissions for Docker socket

Image not found:

Build the Joern image: docker build -t joern:latest .
Check image name in configuration
Verify the build completed successfully: docker images | grep joern

Docker build issues:

Ensure Docker has sufficient disk space
Check internet connectivity for downloading Joern
Try building with more verbose output: docker build -t joern:latest . --progress=plain

Memory issues:

Increase Docker memory limit in config
Reduce concurrent analysis limit
Clear cache directory

Permission errors:

Check file/directory permissions
Ensure cache directory is writable
Verify Docker socket permissions

Logging

Enable debug logging for troubleshooting:

export JOERN_LOG_LEVEL=DEBUG
python main.py

Contributing

Fork the repository
Create a feature branch: git checkout -b feature-name
Make changes and add tests
Run tests and linting: pytest && black . && flake8
Commit changes: git commit -am 'Add feature'
Push to branch: git push origin feature-name
Submit a pull request

License

MIT License - see LICENSE file for details.

Acknowledgments

Joern - Static analysis platform
Model Context Protocol - AI assistant integration standard

推荐服务器

Baidu Map

百度地图核心API现已全面兼容MCP协议，是国内首家兼容MCP协议的地图服务商。

官方

精选

JavaScript

Playwright MCP Server

一个模型上下文协议服务器，它使大型语言模型能够通过结构化的可访问性快照与网页进行交互，而无需视觉模型或屏幕截图。

官方

精选

TypeScript

Magic Component Platform (MCP)

一个由人工智能驱动的工具，可以从自然语言描述生成现代化的用户界面组件，并与流行的集成开发环境（IDE）集成，从而简化用户界面开发流程。

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互，从而促进营销洞察和受众数据的提取和分析，包括人口统计信息、行为和影响者互动。

VeyraX

一个单一的 MCP 工具，连接你所有喜爱的工具：Gmail、日历以及其他 40 多个工具。

官方

精选

本地

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。除了网络爬取之外，还可以将任何内容（从 Slack 到 Gmail 再到播客订阅源）导入到 Graphlit 项目中，然后从 MCP 客户端检索相关内容。

官方

精选

TypeScript

Kagi MCP Server

一个 MCP 服务器，集成了 Kagi 搜索功能和 Claude AI，使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方

精选

Python

e2b-mcp-server

使用 MCP 通过 e2b 运行代码。

官方

精选

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方

精选

Exa MCP Server

模型上下文协议（MCP）服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方

精选