MCP Code Analyzer

An orchestrator that coordinates multiple security and quality tools like Semgrep and ESLint to provide comprehensive code analysis and scoring. It enables users to perform vulnerability scanning, architecture metrics, and impact analysis through CLI, REST, or MCP interfaces.

→ polocap/mcp_security · listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

🚨

Known vulnerabilities in dependencies: 2 critical, 5 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configLOG_LEVEL

configMCP_ANALYZER_DB_PATH

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/polocap-mcp-security-1qnngv)](https://m8ven.ai/mcp/polocap-mcp-security-1qnngv)

commit: 02b414a9d4902e059ac0ec94869db8030c30c118

code hash: fba8518c391149a2b69601308cab5c2735f78690fa61e903b6d87178284498e7

verified: 4/11/2026, 2:48:42 PM

view raw JSON →