data
Semgrep MCP, CLI, and Lua Integration for AI Agents
Semgrep integration docs for AI agents: MCP gateway setup, Semgrep CLI commands, Lua API reference, credentials, and function schemas.Semgrep for agents
Credentials can be configured manually in web or CLI hosts.
Use this integration from Lua code mode, the headless integrations CLI, or the KosmoKrator MCP gateway. The same package metadata powers all three surfaces.
Agent Surfaces
Machine-Readable Metadata
Function Catalog
| Function | Type | Parameters | Description |
|---|---|---|---|
semgrep.semgrep_misc_service_get_bootstrap_sms_vpc | Read read | 0 | [Beta] Get SMS VPC Bootstrap CloudFormation Template Official Semgrep Web API endpoint: GET /api/v1/bootstrap-sms-vpc VPC support for Managed Scans is in private beta. Returns the Managed Scans VPC Bootstrap CloudFormation template in JSON |
semgrep.semgrep_deployments_service_list_deployments | Read read | 0 | List deployments Official Semgrep Web API endpoint: GET /api/v1/deployments Request the deployments your auth can access. Currently available auth scope does not extend over more than one deployment. This endpoint returns the single deploym |
semgrep.semgrep_supply_chain_service_list_dependencies | Write write | 0 | List dependencies Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/dependencies |
semgrep.semgrep_supply_chain_service_list_repositories_for_dependencies | Write write | 0 | List repositories with dependencies Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/dependencies/repositories |
semgrep.semgrep_supply_chain_service_list_lockfiles_for_dependencies | Write write | 0 | List lockfiles in a given repository with dependencies Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/dependencies/repositories/{repositoryId}/lockfiles |
semgrep.semgrep_policies_service_list_policies | Read read | 0 | List policies Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentId}/policies |
semgrep.semgrep_policies_service_list_policy_rules | Read read | 0 | List policy rules Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentId}/policies/{policyId} |
semgrep.semgrep_policies_service_update_policy | Write write | 0 | Update policy Official Semgrep Web API endpoint: PUT /api/v1/deployments/{deploymentId}/policies/{policyId} |
semgrep.semgrep_supply_chain_service_create_sbom_export | Write write | 0 | Create a new SBOM export job Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/sbom/export |
semgrep.semgrep_supply_chain_service_get_sbom_export | Read read | 0 | Get the status of a SBOM export job Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentId}/sbom/export/{taskToken} |
semgrep.semgrep_scans_service_get_scan | Read read | 0 | Get scan details Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentId}/scan/{scanId} Request the details of a scan including the associated deployment, repository, and commit information. |
semgrep.semgrep_scans_service_search_scans | Write write | 0 | List scans (beta) Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/scans/search List the scans associated with a particular repository over the past 30 days. |
semgrep.semgrep_secrets_service_list_secrets_path | Read read | 0 | List secrets Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentId}/secrets |
semgrep.semgrep_ticketing_service_delete_ticket | Write write | 0 | Unlink a Jira ticket Official Semgrep Web API endpoint: DELETE /api/v1/deployments/{deploymentId}/ticketing/v2/tickets/{externalTicketId} Unlink a Jira ticket by its ID |
semgrep.semgrep_ticketing_service_link_ticket | Write write | 0 | Link an existing ticket to findings Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/tickets/link Link an existing external ticket (e.g. Jira) to one or more Semgrep findings by providing the ticket URL and a list |
semgrep.semgrep_ticketing_service_unlink_ticket | Write write | 0 | Unlink a ticket from findings Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentId}/tickets/unlink Remove the ticket association from one or more Semgrep findings by providing a list of finding IDs. This does not delete |
semgrep.semgrep_findings_service_list_findings | Read read | 0 | List code, supply chain, or AI-powered scan findings Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentSlug}/findings Request the list of code, supply chain, or AI-powered scan findings in an organization, paginated in p |
semgrep.semgrep_projects_service_list_projects | Read read | 0 | List all projects Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentSlug}/projects Request the list of projects that have been scanned or onboarded to Managed Scans. Does not return archived repositories. Returns 100 pro |
semgrep.semgrep_projects_service_get_project | Read read | 0 | Get project details Official Semgrep Web API endpoint: GET /api/v1/deployments/{deploymentSlug}/projects/{projectName} Retrieve details for a single project associated with a deployment that you have access to. |
semgrep.semgrep_projects_service_update_project | Write write | 0 | Update project details Official Semgrep Web API endpoint: PATCH /api/v1/deployments/{deploymentSlug}/projects/{projectName} Update attributes for the project using the value passed in to the request body. Note: The only attribute that is su |
semgrep.semgrep_projects_service_delete_project | Write write | 0 | Delete project Official Semgrep Web API endpoint: DELETE /api/v1/deployments/{deploymentSlug}/projects/{projectName} Delete a project for a deployment you have access to. This will also delete all of the associated findings. |
semgrep.semgrep_projects_service_toggle_project_managed_scan | Write write | 0 | Toggle Managed Scans for a project Official Semgrep Web API endpoint: PATCH /api/v1/deployments/{deploymentSlug}/projects/{projectName}/managed-scan Enable or disable [Semgrep Managed Scans](/docs/deployment/managed-scanning/overview) for a |
semgrep.semgrep_projects_service_add_project_tags | Write write | 0 | Add tags to project Official Semgrep Web API endpoint: PUT /api/v1/deployments/{deploymentSlug}/projects/{projectName}/tags Add tags to a project for a deployment you have access to. Any project tags that do not already exist for the deploy |
semgrep.semgrep_projects_service_delete_project_tags | Write write | 0 | Remove tags from project Official Semgrep Web API endpoint: DELETE /api/v1/deployments/{deploymentSlug}/projects/{projectName}/tags Remove tags from a project for a deployment you have access to. This request will not delete project tags fr |
semgrep.semgrep_ticketing_service_create_ticket | Write write | 0 | Create Jira tickets Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentSlug}/tickets Create Jira tickets for your findings. You can create tickets by passing in a list of issue_ids or by passing in filter query parameter |
semgrep.semgrep_triage_service_bulk_triage | Write write | 0 | Bulk triage Official Semgrep Web API endpoint: POST /api/v1/deployments/{deploymentSlug}/triage Bulk triage your findings. You can select the findings to triage by passing in a list of finding IDs as issue_ids, or by passing in filter query |
semgrep.semgrep_misc_service_ping | Read read | 0 | Ping Official Semgrep Web API endpoint: GET /api/v1/ping Use to ping the server and assert liveness. |