RRepoGEO

REPOGEO REPORT · LITE

semgrep/mcp

Default branch main · commit cade7825 · scanned 5/31/2026, 12:06:17 PM

GitHub: 668 stars · 56 forks

AI VISIBILITY SCORE
40 /100
Critical
Category recall
0 / 2
Not recommended in any query
Rule findings
2 pass · 0 warn · 0 fail
Objective metadata checks
AI knows your name
3 / 3
Direct prompts that named your repo
HOW TO READ THIS REPORT

Action plan is what to do next — copy-pasteable changes prioritized by impact. Category visibility is the real GEO test: when a user asks an AI a brand-free question that should surface semgrep/mcp, does the AI actually recommend you — or your competitors? Objective checks verify the metadata signals AI engines weight first. Self-mention check detects whether AI even knows you exist by name.

Action plan — copy-paste fixes

3 prioritized changes generated by gemini-2.5-flash. Mark items done after you ship the fix.

OVERALL DIRECTION
  • highabout#1
    Update the repository description to reflect deprecation

    Why:

    CURRENT
    A MCP server for using Semgrep to scan code for security vulnerabilities.
    COPY-PASTE FIX
    DEPRECATED: The Semgrep MCP server has moved to the main `semgrep` repository. This repo is no longer maintained. Refer to the main `semgrep` repo for current functionality.
  • hightopics#2
    Add 'deprecated' topic to signal repository status

    Why:

    CURRENT
    mcp, semgrep
    COPY-PASTE FIX
    mcp, semgrep, deprecated
  • mediumreadme#3
    Update the main README heading to include deprecation status

    Why:

    CURRENT
    # Semgrep MCP Server
    COPY-PASTE FIX
    # DEPRECATED: Semgrep MCP Server (Moved to main semgrep repo)

Category GEO backends resolved for this scan: google/gemini-2.5-flash, deepseek/deepseek-v4-flash

Category visibility — the real GEO test

Brand-free queries asked to google/gemini-2.5-flash. Did AI recommend you, or someone else?

Same questions for every model — switch tabs to compare answers and rankings.

Recall
0 / 2
0% of queries surface semgrep/mcp
Avg rank
Lower is better. #1 = top recommendation.
Share of voice
0%
Of all named tools, what % are you?
Top rival
Snyk Code
Recommended in 1 of 2 queries
COMPETITOR LEADERBOARD
  1. Snyk Code · recommended 1×
  2. Semgrep · recommended 1×
  3. SonarQube · recommended 1×
  4. Checkmarx SAST · recommended 1×
  5. Bandit · recommended 1×
  • CATEGORY QUERY
    Looking for a static analysis solution to identify security vulnerabilities in my projects.
    you: not recommended
    AI recommended (in order):
    1. Snyk Code
    2. Semgrep
    3. SonarQube
    4. Checkmarx SAST
    5. Bandit
    6. ESLint
    7. eslint-plugin-security
    8. eslint-plugin-scanjs-rules

    AI recommended 8 alternatives but never named semgrep/mcp. This is the gap to close.

    Show full AI answer
  • CATEGORY QUERY
    What are options for a centralized code security scanning service?
    you: not recommended
    AI recommended (in order):
    1. Snyk
    2. Veracode
    3. Checkmarx One
    4. Sonatype Nexus Lifecycle
    5. GitLab Ultimate Security Scanners
    6. Tenable.io
    7. Mend.io

    AI recommended 7 alternatives but never named semgrep/mcp. This is the gap to close.

    Show full AI answer

Objective checks

Rule-based audits of metadata signals AI engines weight most.

  • Metadata completeness
    pass

  • README presence
    pass

Self-mention check

Does AI even know your repo exists when asked about it directly?

  • Compared to common alternatives in this category, what is the core differentiator of semgrep/mcp?
    pass
    AI named semgrep/mcp explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • If a team adopts semgrep/mcp in production, what risks or prerequisites should they evaluate first?
    pass
    AI named semgrep/mcp explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • In one sentence, what problem does the repo semgrep/mcp solve, and who is the primary audience?
    pass
    AI named semgrep/mcp explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

Embed your GEO score

Drop this badge into the README of semgrep/mcp. It auto-updates whenever the report is rescanned and links back to the latest report — easy public proof that you care about AI discoverability.

RepoGEO badge previewLive preview
MARKDOWN (README)
[![RepoGEO](https://repogeo.com/badge/semgrep/mcp.svg)](https://repogeo.com/en/r/semgrep/mcp)
HTML
<a href="https://repogeo.com/en/r/semgrep/mcp"><img src="https://repogeo.com/badge/semgrep/mcp.svg" alt="RepoGEO" /></a>
Pro

Subscribe to Pro for deep diagnoses

semgrep/mcp — Lite scans stay free; this card itemizes Pro deep limits vs Lite.

  • Deep reports10 / month
  • Brand-free category queries5 vs 2 in Lite
  • Prioritized action items8 vs 3 in Lite