Code Audit (Ollama) MCP server

The MCP Code Audit Server is a comprehensive TypeScript server that performs intelligent code audits using local AI models via Ollama. It analyzes code for security vulnerabilities, completeness, performance issues, quality concerns, architecture problems, testing gaps, and documentation shortcomings.

Installation

Prerequisites

• Node.js 18.0.0 or higher
• Ollama (latest version)
• 8GB+ RAM recommended
• 10GB+ storage for essential models

Global Installation (Recommended)

# Install globally from npm
npm install -g @moikas/code-audit-mcp

# Run interactive setup (includes MCP configuration)
code-audit setup

# Or setup with automatic MCP configuration
code-audit setup --auto

# Start the MCP server
code-audit start

The setup script will:

• Check prerequisites (Node.js, npm, tsx)
• Verify Ollama installation and health
• Install recommended AI models
• Test MCP server functionality
• Generate example configuration

Manual Setup

# Install dependencies
npm install

# Install essential models
ollama pull codellama:7b
ollama pull granite-code:8b

# Build the project
npm run build

# Test the server
npm run dev

Usage

CLI Commands

# Interactive setup wizard
code-audit setup

# Start MCP server (foreground)
code-audit start

# Start as background daemon
code-audit start --daemon

# Stop running server
code-audit stop

# Check system health
code-audit health

# Manage AI models
code-audit models --list
code-audit models --pull codellama:7b

# Configuration management
code-audit config --show
code-audit config --set ollama.host=http://remote:11434

# MCP server management
code-audit mcp status
code-audit mcp configure
code-audit mcp remove

# Check for updates
code-audit update

MCP Integration

Automatic Configuration (Recommended)

# Configure during setup
code-audit setup

# Or configure after installation
code-audit mcp configure

This automatically adds code-audit to:

• Claude Desktop
• Claude Code (Global)
• Claude Code (Project)

Manual Configuration

Add to your MCP configuration:

{
  "mcpServers": {
    "code-audit": {
      "command": "code-audit",
      "args": ["start", "--stdio"],
      "env": {}
    }
  }
}

Available Tools

audit_code - Main audit tool

{
  "name": "audit_code",
  "arguments": {
    "code": "function processPayment(amount) {\n  const query = `SELECT * FROM users WHERE id = ${userId}`;\n  // TODO: implement payment logic\n}",
    "language": "javascript",
    "auditType": "all",
    "priority": "thorough",
    "context": {
      "framework": "express",
      "environment": "production",
      "performanceCritical": true,
      "projectType": "api"
    }
  }
}

Parameters:

• code (required): Code to audit
• language (required): Programming language
• auditType: security | completeness | performance | quality | architecture | testing | documentation | all
• priority: fast (security + completeness only) | thorough (all audit types)
• context: Additional context for framework-specific analysis
• maxIssues: Limit number of issues returned (default: 50)

Configuration

Server Configuration

Create a configuration file or use environment variables:

{
  "ollama": {
    "host": "http://localhost:11434",
    "timeout": 60000
  },
  "models": {
    "default": "codellama:7b",
    "security": "granite-code:8b",
    "performance": "deepseek-coder:6.7b"
  },
  "server": {
    "port": 3000,
    "logLevel": "info"
  },
  "cache": {
    "enabled": true,
    "ttl": 3600
  }
}

Supported Models

Essential Models (Recommended)

• CodeLlama 7B: Fast, general-purpose code analysis
• Granite Code 8B: Excellent for security analysis

Comprehensive Setup

• CodeLlama 13B: Better accuracy for complex analysis
• DeepSeek-Coder 6.7B: Superior performance analysis
• StarCoder2 7B: Specialized for testing analysis
• Qwen2.5-Coder 7B: Good for documentation analysis

Full Setup (Advanced)

• DeepSeek-Coder 33B: Highest accuracy (requires 16GB+ RAM)
• StarCoder2 15B: Advanced testing and architecture analysis
• Llama 3.1 8B: Excellent for documentation

Language Support

Fully Supported

• JavaScript/TypeScript: React, Node.js, Express-specific checks
• Python: Django, Flask, FastAPI-specific analysis
• Java: Spring Boot, security-focused analysis
• Go: Goroutine safety, performance patterns
• Rust: Memory safety, performance optimization

Well Supported

• C#: .NET patterns, security analysis
• PHP: Laravel, WordPress security checks
• Ruby: Rails-specific patterns
• Swift: iOS-specific patterns
• Kotlin: Android-specific analysis

Troubleshooting

Common Issues

Ollama Connection Failed

Ensure Ollama is running:

# Check if Ollama is running
ps aux | grep ollama

# Start Ollama if needed
ollama serve

# Verify connection
curl http://localhost:11434/api/version

Model Not Found

Install the required model:

# List available models
ollama list

# Pull missing model
ollama pull codellama:7b

# Verify installation
ollama list

Memory Issues

For large models or projects:

# Use smaller models
code-audit config --set models.default=codellama:7b

# Limit parallel operations
code-audit config --set server.maxConcurrent=2

# Enable fast mode for quicker results
code-audit audit --fast my-file.js

How to install this MCP server

For Claude Code

To add this MCP server to Claude Code, run this command in your terminal:

claude mcp add-json "code-audit" '{"command":"code-audit","args":["start","--stdio"],"env":[]}'

See the official Claude Code MCP documentation for more details.

For Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "code-audit": {
            "command": "code-audit",
            "args": [
                "start",
                "--stdio"
            ],
            "env": []
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.

For Claude Desktop

To add this MCP server to Claude Desktop:

1. Find your configuration file:

• macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %APPDATA%\Claude\claude_desktop_config.json
• Linux: ~/.config/Claude/claude_desktop_config.json

2. Add this to your configuration file:

{
    "mcpServers": {
        "code-audit": {
            "command": "code-audit",
            "args": [
                "start",
                "--stdio"
            ],
            "env": []
        }
    }
}

3. Restart Claude Desktop for the changes to take effect