MCPVet
Medium
github · 37 files analyzed
semgrep/mcp
Powerful capabilities — review before trusting.
View source ↗Environment variables (config / keys) 5
Filesystem writes 1
Shell / command execution 3
Sensitive credential files 1
AI review
The extension reads environment variables for configuration (SEMGREP_APP_TOKEN, SEMGREP_PATH, SEMGREP_URL) and executes subprocess commands (claude --version, semgrep), which is expected for its purpose of running Semgrep scans. There is no evidence of hidden instructions, prompt injection, or data exfiltration. The test file accessing /etc/passwd is a unit test for path traversal protection, not a real risk.
- low Environment variable access for configuration — The extension reads SEMGREP_APP_TOKEN, SEMGREP_PATH, and SEMGREP_URL from environment variables. This is expected behavior for authentication and configuration in a security scanning tool. No exfiltration or misuse is present.
- low Subprocess execution for Semgrep and Claude version check — The extension runs subprocess commands (claude --version, semgrep) to verify dependencies and perform scans. This is consistent with its stated purpose of running Semgrep scans. No arbitrary command injection or hidden commands were found.
- low Test file accesses /etc/passwd — The test file tests/safe_join.py includes a test case with /etc/passwd to verify path traversal protection. This is a standard security test and does not represent a real risk in production.
Model: deepseek-chat
Static findings
Shell / command execution · Executes shell / system commands
medium
scripts/configure_semgrep_mcp.py:37
result = subprocess.run(["claude", "--version"], capture_output=True, text=True, timeout=10)
medium
src/semgrep_mcp/semgrep.py:184
process = subprocess.run(
medium
src/semgrep_mcp/utilities/utils.py:99
process = subprocess.run(
Environment variables (config / keys) · Reads environment variables (config / API keys)
low
scripts/configure_semgrep_mcp.py:48
if semgrep_token := os.getenv("SEMGREP_APP_TOKEN"):
low
src/semgrep_mcp/semgrep.py:31
SEMGREP_PATH = os.getenv("SEMGREP_PATH", None)
low
src/semgrep_mcp/server.py:40
SEMGREP_URL = os.environ.get("SEMGREP_URL", "https://semgrep.dev")
low
src/semgrep_mcp/utilities/tracing.py:30
SEMGREP_URL = os.environ.get("SEMGREP_URL", "https://semgrep.dev")
low
src/semgrep_mcp/utilities/utils.py:14
SEMGREP_PATH = os.getenv("SEMGREP_PATH", None)
Filesystem writes · Reads or writes the filesystem
low
src/semgrep_mcp/server.py:190
shutil.rmtree(temp_dir, ignore_errors=True)
Sensitive credential files · Reads sensitive credential files
info
tests/unit/test_safe_join.py:44
safe_join(base_dir, "/etc/passwd")
Scanning every extension your team installs?
Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.