returntocorp/semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

7.8 / 10
Verified

Safe to build on. Strong signals across all dimensions.

Dimensions

Alive: 9.2
Legit: 7.5
Solid: 5.9
Usable: 9.1

Repository Stats

Stars: 14.7k
Forks: 908
License: LGPL-2.1
Mode: Standard

Embed this badge

Add the MCP Skills trust badge to your README to show current status.

[![MCP Skills](https://mcpskills.io/.netlify/functions/badge?repo=returntocorp%2Fsemgrep)](https://mcpskills.io/score/returntocorp/semgrep)