playbooks
Learn Cursor Rules Windsurf Rules MCPs Modes
AI Image Editor
Log in

Joern (Code Analysis) MCP server

Integrates with Joern's code analysis capabilities to enable static code analysis, vulnerability identification, and code structure understanding through a Python interface to Code Property Graphs.
Back to servers
Provider
sfncat
Release date
Apr 14, 2025
Language
Python
Stats
5 stars
View on GitHub

This Joern MCP Server provides a simple interface for code review and security analysis through Joern's capabilities. It allows you to leverage Joern's static analysis features through a Model Context Protocol server.

Environment Requirements

  • Python >= 3.10 (default 3.12) & uv
  • Joern

Installation

Clone the Repository

git clone https://github.com/sfncat/mcp-joern.git
cd mcp-joern

Install Python Dependencies

uv venv .venv
source .venv/bin/activate
uv sync

Usage

Starting the Joern Server

Start the Joern server with the necessary configuration:

joern -J-Xmx40G --server --server-host 127.0.0.1 --server-port 16162 --server-auth-username user --server-auth-password password --import server_tools.sc

Configure Environment Variables

  1. Copy the example environment file to create your own:

    cp env_example.txt .env

  2. Edit the .env file to match your Joern server configuration settings

Testing the Connection

Modify the information in demo.py and run it to verify the Joern server connection:

python demo.py

You should see output similar to:

127.0.0.1:16162
Successfully connected to Joern MCP, joern server version is XXX

Configure MCP Server

Configure the MCP server in cline by referring to the sample_cline_mcp_settings.json file. This file contains the necessary settings for the MCP integration.

Using the MCP Server

To interact with the MCP server and ask questions to the large language model, refer to the prompts_en.md file for example prompts and usage patterns.

Available Tools

The MCP server provides various tools for code analysis:

  • Simple tools are defined in server_tools.py
  • More complex tools are implemented in server_tools.sc with corresponding definitions in server_tools.py

These tools can help with tasks such as code vulnerability detection, dependency analysis, and more when used through the MCP protocol.

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.

Want to 10x your AI skills?

Get a free account and learn to code + market your apps using AI (with or without vibes!).

Nah, maybe later