
codeslick-mcp-server

v1.0.1

CodeSlick Security Analysis MCP Server for Claude Code - 248 security checks across 6 languages

CodeSlick MCP Server for Claude Code

Comprehensive security analysis for source code via Model Context Protocol (MCP). Run 248 security checks, detect secrets, scan dependencies, and generate SBOMs directly from Claude Code.

Features

  • 248 Security Checks across 6 languages (JavaScript, TypeScript, Python, Java, Go, Terraform, Kubernetes)
  • OWASP 2025 Compliance (95% coverage) with CVSS 3.1 scoring
  • AI Code Detection with 150 signals (hallucinations, heuristics, LLM fingerprints)
  • Secrets Detection for 38 patterns (API keys, passwords, tokens, certificates)
  • Dependency Scanning for npm, pip, Maven, Gradle, Go modules
  • SBOM Generation in SPDX 2.3 and CycloneDX 1.4 formats
  • Malicious Package Detection for 66 known packages

Installation

Option 1: Via Claude Code Plugin Marketplace (Recommended)

  1. Open Claude Code
  2. Navigate to Settings > Plugins
  3. Search for "CodeSlick Security Analysis"
  4. Click "Install"

Option 2: Manual Installation via npm

```bash
npm install -g codeslick-mcp-server
```

Then add to your Claude Code configuration (~/.claude/config.json):

```json
{
  "mcpServers": {
    "codeslick": {
      "command": "codeslick-mcp",
      "args": []
    }
  }
}
```

Option 3: Local Development

```bash
# Clone the repository
git clone https://github.com/VitorLourenco/codeslick2.git
cd codeslick2/packages/mcp-server

# Install dependencies
npm install

# Build
npm run build
```

Then add the built server to your Claude Code config:

```json
{
  "mcpServers": {
    "codeslick": {
      "command": "node",
      "args": ["/absolute/path/to/codeslick2/packages/mcp-server/dist/index.js"]
    }
  }
}
```

Available Tools

1. analyze_code

Run comprehensive security analysis on source code.

Parameters:

  • code (string, required): Source code to analyze
  • language (string, required): One of javascript, typescript, python, java, go, terraform, kubernetes
  • filename (string, optional): Filename for context

Example:

Analyze this JavaScript code for security issues:

```javascript
function login(username, password) {
  const query = "SELECT * FROM users WHERE username='" + username + "'";
  // ... SQL injection vulnerability
}
```

Output:

  • Security score (0-100)
  • Vulnerability list with severity, CVSS score, OWASP/CWE mappings
  • Remediation guidance with before/after code examples
  • Attack vector descriptions

2. scan_dependencies

Scan project dependencies for vulnerabilities.

Parameters:

  • content (string, required): Content of dependency file (package.json, requirements.txt, etc.)
  • type (string, required): One of npm, pip, maven, gradle, go

Example:

Scan this package.json for vulnerable dependencies:

```json
{
  "dependencies": {
    "express": "4.16.0",
    "lodash": "4.17.0"
  }
}
```

Output:

  • Vulnerable packages with CVE IDs
  • Malicious package detection
  • Upgrade recommendations
  • Severity breakdown

3. generate_sbom

Generate Software Bill of Materials.

Parameters:

  • content (string, required): Content of dependency file
  • type (string, required): One of npm, pip, maven, gradle, go
  • format (string, optional): One of spdx, cyclonedx, both (default: both)
  • projectName (string, optional): Project name for metadata
  • projectVersion (string, optional): Project version for metadata

Example:

Generate SBOM for this package.json in SPDX format:

```json
{
  "name": "my-app",
  "version": "1.0.0",
  "dependencies": {
    "react": "^18.0.0"
  }
}
```

Output:

  • SPDX 2.3 formatted SBOM
  • CycloneDX 1.4 formatted SBOM
  • Component count and metadata
  • License information
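To show the shape of what comes back for format `cyclonedx`, here is an added TypeScript example, written for this page and not the package's own code, that builds a minimal CycloneDX 1.4 document from the README's sample package.json. Field names follow the CycloneDX 1.4 JSON schema; the function names, and the choice of a range's lower bound as the component version, are the example's own assumptions.

```typescript
// Added example (not code from the codeslick-mcp-server package): a minimal
// CycloneDX 1.4 SBOM built from a package.json. Field names follow the
// CycloneDX 1.4 JSON schema; function names are this example's own.

interface CycloneDxComponent {
  type: "application" | "library";
  name: string;
  version: string;
  purl?: string; // Package URL, e.g. pkg:npm/react@18.0.0
}

interface CycloneDxBom {
  bomFormat: "CycloneDX";
  specVersion: "1.4";
  version: number; // revision of this BOM document, not of the project
  metadata: { timestamp: string; component: CycloneDxComponent };
  components: CycloneDxComponent[];
}

// package.json carries ranges ("^18.0.0") but an SBOM names one version.
// Assumption of this example: use the range's lower bound; a lockfile
// would give the exactly resolved version instead.
function rangeLowerBound(range: string): string {
  return range.replace(/^[\^~>=<v\s]+/, "");
}

// Package URL for npm: a scoped name percent-encodes the leading "@".
function npmPurl(name: string, version: string): string {
  const encoded = name.startsWith("@") ? "%40" + name.slice(1) : name;
  return `pkg:npm/${encoded}@${version}`;
}

function generateCycloneDx(
  packageJsonText: string,
  projectName?: string,
  projectVersion?: string,
  timestamp: string = new Date().toISOString(),
): CycloneDxBom {
  const manifest = JSON.parse(packageJsonText) as {
    name?: string;
    version?: string;
    dependencies?: Record<string, string>;
  };
  const deps = manifest.dependencies ?? {};
  // Sorted so that two runs over the same manifest produce identical output.
  const components = Object.keys(deps).sort().map((name): CycloneDxComponent => {
    const version = rangeLowerBound(deps[name] ?? "");
    return { type: "library", name, version, purl: npmPurl(name, version) };
  });
  return {
    bomFormat: "CycloneDX",
    specVersion: "1.4",
    version: 1,
    metadata: {
      timestamp,
      component: {
        type: "application",
        name: projectName ?? manifest.name ?? "unknown",
        version: projectVersion ?? manifest.version ?? "0.0.0",
      },
    },
    components,
  };
}

// Constructed sample input: the README's package.json from the example above.
const SBOM_SAMPLE_MANIFEST = JSON.stringify({
  name: "my-app",
  version: "1.0.0",
  dependencies: { react: "^18.0.0" },
});

console.log(JSON.stringify(generateCycloneDx(SBOM_SAMPLE_MANIFEST), null, 2));
```

The `purl` is what downstream tooling keys on when matching components against advisories, so an SBOM whose versions come from ranges rather than a lockfile can only ever be as precise as the range's lower bound.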

4. detect_secrets

Detect hardcoded secrets in source code.

Parameters:

  • code (string, required): Source code to scan
  • filename (string, optional): Filename for context

Example:

Check this code for hardcoded secrets:

```javascript
const config = {
  awsAccessKey: "AKIAIOSFODNN7EXAMPLE",
  dbPassword: "super_secret_password_123"
};
```

Output:

  • Detected secrets with pattern type
  • Severity (critical, high, medium)
  • Line numbers
  • Remediation steps
  • Risk descriptions
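Here is what such a scanner looks like at its simplest, as an added example written for this page in TypeScript rather than code from the codeslick-mcp-server package: three of the pattern types the tool advertises, a placeholder filter of the context-aware kind the Performance section below alludes to, and the README's own config snippet as input. Pattern names, severities, the filter rule and the remediation strings are assumptions of the example.

```typescript
// Added example (not code from the codeslick-mcp-server package): a small
// line-oriented secrets scanner of the kind the detect_secrets tool wraps.
// Pattern names, severities, the placeholder filter and the sample input
// are all constructed for this illustration.

type SecretSeverity = "critical" | "high" | "medium";

interface SecretPattern {
  type: string;             // pattern type reported in the finding
  severity: SecretSeverity;
  regex: RegExp;            // group 1 (when present) captures the secret value
}

interface SecretFinding {
  type: string;
  severity: SecretSeverity;
  line: number;             // 1-based line number
  remediation: string;
}

// Three illustrative patterns; the package itself advertises 38.
const SECRET_PATTERNS: SecretPattern[] = [
  {
    type: "aws_access_key_id",
    severity: "critical",
    // AWS access key IDs: AKIA/ASIA prefix plus 16 upper-case alphanumerics
    regex: /\b((?:AKIA|ASIA)[0-9A-Z]{16})\b/,
  },
  {
    type: "private_key",
    severity: "critical",
    regex: /(-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----)/,
  },
  {
    type: "hardcoded_password",
    severity: "high",
    // password-like identifier assigned a quoted literal of 8+ characters
    regex: /(?:password|passwd|pwd|secret)\w*\s*[:=]\s*["']([^"']{8,})["']/i,
  },
];

// Context-aware filter: templated values substituted at deploy time
// (${VAR}, {{ var }}, <VAR>, %(var)s) are placeholders, not secrets.
const PLACEHOLDER_VALUE = /^(\$\{.*\}|\{\{.*\}\}|<.*>|%\(.*\)s)$/;

function remediationFor(type: string): string {
  switch (type) {
    case "aws_access_key_id":
      return "Revoke the key in IAM and load credentials from the environment or a secrets manager.";
    case "private_key":
      return "Remove the key from source, rotate it, and distribute it via a secrets store.";
    default:
      return "Move the value to an environment variable or secrets manager and rotate it.";
  }
}

function detectSecrets(code: string): SecretFinding[] {
  const findings: SecretFinding[] = [];
  const lines = code.split(/\r?\n/);
  lines.forEach((line, index) => {
    for (const pattern of SECRET_PATTERNS) {
      const match = pattern.regex.exec(line);
      if (!match) continue;
      const value = match[1] ?? match[0] ?? "";
      if (PLACEHOLDER_VALUE.test(value)) continue; // templated, not hardcoded
      findings.push({
        type: pattern.type,
        severity: pattern.severity,
        line: index + 1,
        remediation: remediationFor(pattern.type),
      });
    }
  });
  return findings;
}

// Severity breakdown in the shape the tool's output list describes.
function summarizeSecrets(findings: SecretFinding[]): Record<SecretSeverity, number> {
  const counts: Record<SecretSeverity, number> = { critical: 0, high: 0, medium: 0 };
  for (const f of findings) counts[f.severity] += 1;
  return counts;
}

// Constructed sample: the README's config snippet plus one templated value
// that the placeholder filter should leave alone.
const SAMPLE_CODE = [
  "const config = {",
  '  awsAccessKey: "AKIAIOSFODNN7EXAMPLE",',
  '  dbPassword: "super_secret_password_123",',
  '  smtpPassword: "<SMTP_PASSWORD>",',
  "};",
].join("\n");

console.log(JSON.stringify(detectSecrets(SAMPLE_CODE), null, 2));
```

Run against the sample, the scanner reports the access key on line 2 as critical and the database password on line 3 as high, and stays silent on the templated SMTP value; that last case is where a pattern-only scanner produces the noise that context filtering is meant to remove.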

Language Support

| Language | Security Checks | Features |
|----------|----------------|----------|
| JavaScript | 28 checks | XSS, injection, insecure functions |
| TypeScript | 56 checks | Type safety + JS checks |
| Python | 47 checks | SQL injection, pickle, eval |
| Java | 32 checks | XXE, deserialization, LDAP injection |
| Go | 26 checks | SQL injection, file paths, crypto |
| Terraform | 22 checks | AWS misconfigs, secrets, PII |
| Kubernetes | 37 checks | RBAC, pod security, secrets |

Security Check Categories

  • Injection Attacks: SQL, XSS, command injection, LDAP injection
  • Authentication/Authorization: Weak crypto, insecure sessions, RBAC issues
  • Sensitive Data Exposure: Hardcoded secrets, PII, API keys
  • XML/Deserialization: XXE, unsafe pickle, Java deserialization
  • Security Misconfiguration: Missing security headers, weak SSL, insecure defaults
  • Known Vulnerabilities: Malicious packages, outdated dependencies
  • AI Code Detection: LLM hallucinations, AI-generated patterns

OWASP 2025 Coverage

  • A01:2021 - Broken Access Control: ✅ 100%
  • A02:2021 - Cryptographic Failures: ✅ 100%
  • A03:2021 - Injection: ✅ 100%
  • A04:2021 - Insecure Design: ✅ 95%
  • A05:2021 - Security Misconfiguration: ✅ 90%
  • A06:2021 - Vulnerable Components: ✅ 100%
  • A07:2021 - Authentication Failures: ✅ 100%
  • A08:2021 - Data Integrity Failures: ✅ 85%
  • A09:2021 - Logging Failures: ✅ 90%
  • A10:2021 - SSRF: ✅ 100%

Overall Coverage: 95%

Examples

### Example 1: Analyze Python Code

User: Analyze this Python code for security issues:

```python
import pickle
import os

def load_data(filename):
    with open(filename, 'rb') as f:
        data = pickle.load(f)  # Unsafe deserialization
    return data

def execute_command(user_input):
    os.system("ls " + user_input)  # Command injection
```

**Claude Code Response:**

````markdown
# CodeSlick Security Analysis Report

**Language:** python
**Security Score:** 42/100
**Total Vulnerabilities:** 2

## Vulnerability Summary

🔴 **Critical:** 2

---

## Top Vulnerabilities

### 1. Unsafe Pickle Deserialization

**Severity:** CRITICAL
**CVSS Score:** 9.8/10
**OWASP:** A08:2021
**CWE:** CWE-502

**Recommendation:** Use safe alternatives like JSON or XML. Never unpickle data from untrusted sources.

**Fix:**
```python
# Before:
data = pickle.load(f)

# After:
import json
data = json.load(f)
```

Replace pickle with JSON for safe deserialization.

### 2. Command Injection via os.system()

**Severity:** CRITICAL
**CVSS Score:** 9.8/10
**OWASP:** A03:2021
**CWE:** CWE-78

**Recommendation:** Use subprocess with shell=False and an argument list instead of os.system().

**Fix:**
```python
# Before:
os.system("ls " + user_input)

# After:
import subprocess
subprocess.run(["ls", user_input], shell=False, check=True)
```

Use subprocess with an argument list to prevent command injection.
````

### Example 2: Scan Dependencies

User: Scan these npm dependencies:

```json
{
  "dependencies": {
    "express": "4.16.0",
    "lodash": "4.17.0",
    "event-stream": "3.3.4"
  }
}
```

**Claude Code Response:**

```markdown
# Dependency Scan Report

**Package Manager:** npm
**Total Vulnerabilities:** 3

## Vulnerability Summary

🔴 **Critical:** 1 (malicious package)
🟠 **High:** 2 (known CVEs)

---

## Vulnerable Dependencies

### 1. event-stream@3.3.4

**Severity:** CRITICAL
**Issue:** Malicious package - Bitcoin wallet stealer (CVE-2018-3721)
**Fix:** Remove immediately - use alternative package

### 2. lodash@4.17.0

**Severity:** HIGH
**Issue:** Prototype pollution (CVE-2019-10744)
**Fix:** Upgrade to version 4.17.21

### 3. express@4.16.0

**Severity:** HIGH
**Issue:** Open redirect vulnerability (CVE-2018-3717)
**Fix:** Upgrade to version 4.18.0
```
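Stripped of the database lookup, a scan of this kind is a version comparison per declared dependency. The following added example, written for this page in TypeScript and not the package's own code, does that over the README's sample package.json, using an advisory list constructed from the report above rather than a live feed. Package names, advisory identifiers, issue text and fix versions are copied from that report; the function names, the severity ordering and the decision to compare a range's lower bound are the example's own assumptions.

```typescript
// Added example (not code from the codeslick-mcp-server package): a minimal
// npm dependency scan in the spirit of the scan_dependencies tool. The
// advisory list is constructed from the README's Example 2 report, not
// fetched from a live database, and only "x.y.z" versions are compared.

type DepSeverity = "critical" | "high" | "medium" | "low";

interface Advisory {
  id: string;          // identifier as quoted in the README's sample output
  severity: DepSeverity;
  issue: string;
  malicious: boolean;  // every version of a malicious package is affected
  fixedIn?: string;    // otherwise, versions below fixedIn are affected
}

interface DependencyFinding {
  pkg: string;
  version: string;
  id: string;
  severity: DepSeverity;
  issue: string;
  recommendation: string;
}

// Constructed advisory data, taken from the README's sample report above.
const ADVISORIES: Record<string, Advisory[]> = {
  "event-stream": [{ id: "CVE-2018-3721", severity: "critical", issue: "Malicious package - Bitcoin wallet stealer", malicious: true }],
  lodash: [{ id: "CVE-2019-10744", severity: "high", issue: "Prototype pollution", malicious: false, fixedIn: "4.17.21" }],
  express: [{ id: "CVE-2018-3717", severity: "high", issue: "Open redirect vulnerability", malicious: false, fixedIn: "4.18.0" }],
};

const SEVERITY_RANK: Record<DepSeverity, number> = { critical: 0, high: 1, medium: 2, low: 3 };

// Lower bound of a range such as "4.16.0", "^4.17.0" or ">=4.18.0".
// Assumption of this example: only package.json is available, so the lower
// bound stands in for the installed version; a lockfile gives the real one.
function parseVersion(range: string): number[] | null {
  const m = /^\s*(?:\^|~|>=|=|v)?\s*(\d+)\.(\d+)\.(\d+)/.exec(range);
  if (!m) return null;
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

function compareVersions(a: number[], b: number[]): number {
  for (let i = 0; i < 3; i++) {
    const x = a[i] ?? 0;
    const y = b[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

function isAffected(advisory: Advisory, installed: number[]): boolean {
  if (advisory.malicious) return true;
  const fixed = advisory.fixedIn ? parseVersion(advisory.fixedIn) : null;
  // No usable fix version: report rather than silently pass.
  return fixed === null || compareVersions(installed, fixed) < 0;
}

function scanNpmDependencies(packageJsonText: string): DependencyFinding[] {
  const manifest = JSON.parse(packageJsonText) as {
    dependencies?: Record<string, string>;
    devDependencies?: Record<string, string>;
  };
  const declared: Record<string, string> = Object.assign({}, manifest.dependencies ?? {}, manifest.devDependencies ?? {});
  const findings: DependencyFinding[] = [];
  for (const pkg of Object.keys(declared)) {
    const range = declared[pkg] ?? "";
    const installed = parseVersion(range);
    if (installed === null) continue; // "*", "latest" or a git URL: nothing to compare
    for (const advisory of ADVISORIES[pkg] ?? []) {
      if (!isAffected(advisory, installed)) continue;
      findings.push({
        pkg,
        version: range,
        id: advisory.id,
        severity: advisory.severity,
        issue: advisory.issue,
        recommendation: advisory.malicious
          ? "Remove immediately - use alternative package"
          : `Upgrade to version ${advisory.fixedIn ?? "the latest release"}`,
      });
    }
  }
  // Most severe first, then by package name for stable output.
  return findings.sort((x, y) => SEVERITY_RANK[x.severity] - SEVERITY_RANK[y.severity] || x.pkg.localeCompare(y.pkg));
}

function severityBreakdown(findings: DependencyFinding[]): Record<DepSeverity, number> {
  const counts: Record<DepSeverity, number> = { critical: 0, high: 0, medium: 0, low: 0 };
  for (const f of findings) counts[f.severity] += 1;
  return counts;
}

// Constructed sample input: the dependencies from Example 2 above.
const SCAN_SAMPLE_MANIFEST = JSON.stringify({
  dependencies: { express: "4.16.0", lodash: "4.17.0", "event-stream": "3.3.4" },
});

console.log(JSON.stringify(scanNpmDependencies(SCAN_SAMPLE_MANIFEST), null, 2));
```

Comparing the lower bound of a caret range is deliberately conservative: `^4.17.0` may well resolve to a fixed 4.17.x release at install time, but without a lockfile the scanner cannot know that, and reporting the floor is the safer error.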


## Performance

- **Analysis Speed**: <3s for typical files (WebTool requirement)
- **Memory Usage**: Low (optimized AST traversal)
- **False Positive Rate**: <10% (context-aware filtering)

## Privacy Policy

CodeSlick MCP Server prioritizes your privacy and security:

### Data Processing
- **Local Processing Only**: All code analysis is performed locally on your machine
- **No Data Collection**: We do not collect, store, or transmit your source code
- **No Telemetry**: No usage statistics, analytics, or tracking of any kind
- **No Account Required**: The MCP server works completely offline without authentication

### Network Activity
- **Fully Offline**: Security analysis runs without internet connectivity
- **Optional External Calls**: Only for dependency scanning (OSV.dev vulnerability database) if enabled
- **No Third-Party Services**: No data sent to CodeSlick servers or any third parties

### API Key Usage
- **Your Keys, Your Control**: If using advanced AI features, your OpenRouter API key is used directly
- **No Key Storage**: API keys are not stored or logged by the MCP server
- **No Access**: CodeSlick does not see or have access to your API keys

### Open Source & Auditable
- **MIT License**: Fully open source and auditable
- **Transparent Code**: All source code available for security review
- **No Hidden Functionality**: What you see is what you get

### CodeSlick Web Service (Separate)
This MCP server is separate from the CodeSlick web service. For the web service privacy policy, see: https://codeslick.dev/privacy

### Contact
For privacy-related questions: [email protected]

## Support

- **Documentation**: https://codeslick.dev/docs
- **Issues**: https://github.com/VitorLourenco/codeslick2/issues
- **Email**: [email protected]
- **Discord**: https://discord.gg/codeslick

## License

MIT License - Copyright (c) 2026 CodeSlick

## Contributing

Contributions welcome! See [CONTRIBUTING.md](../../CONTRIBUTING.md) for guidelines.

## Roadmap

- [ ] C/C++ language support
- [ ] Rust language support
- [ ] CloudFormation support
- [ ] Custom rule configuration
- [ ] CI/CD integration templates
- [ ] VS Code extension

## Credits

Built with:
- [@modelcontextprotocol/sdk](https://github.com/anthropics/mcp) - MCP SDK by Anthropic
- [TypeScript](https://www.typescriptlang.org/) - Type-safe JavaScript
- [CodeSlick](https://codeslick.dev) - Security analysis engine

---

**Made with ❤️ by the CodeSlick team**