Open Source MCP Server

Code Intelligence for AI Agents

Deep static analysis, security scanning, and semantic search — all through the Model Context Protocol

$ brew tap postrv/narsil && brew install narsil-mcp
$ narsil-mcp --repos ~/your-project

90 Tools

32 Languages

OWASP Top 10

100% Local

AI coding assistants are flying blind

Without deep code intelligence, AI assistants struggle with complex codebases

AI reads files one at a time

AI queries semantic index instantly

Security issues discovered late

Continuous vulnerability scanning

"Find where X is defined" takes 30 seconds

Symbol lookup in <1ms

No call graph awareness

Full call graph with transitive analysis

Manual dependency audits

Automated SBOM + CVE detection

90 tools. One MCP server.

Everything your AI assistant needs to understand your codebase

Semantic Search

BM25 + TF-IDF + neural embeddings. Find code by meaning, not just text.

Security Scanning

OWASP Top 10, CWE Top 25, secrets detection, taint analysis.

Call Graphs

Who calls what? Trace paths between functions. Find hotspots.

Supply Chain

SBOM generation, OSV vulnerability checks, license compliance.

Type Inference

Infer types in Python/JS/TS without running external checkers.

Git Integration

Blame, history, hotspots, contributors — all queryable.

32 Languages

Rust, Python, TypeScript, Go, Java, C#, Ruby, Kotlin, Swift, and 23 more.

100% Local

Your code never leaves your machine. No cloud required.

From install to insights in 60 seconds

Get started with narsil-mcp in three simple steps

Install

$ brew tap postrv/narsil
$ brew install narsil-mcp

# Or cargo, npm, scoop, nix...

Configure

# claude_desktop_config.json
{
  "mcpServers": {
    "narsil": {
      "command": "narsil-mcp",
      "args": ["--repos", "~/project"]
    }
  }
}

Ask Claude

"What security vulnerabilities
exist in the auth module?"

→ 3 findings: CWE-89,
  CWE-79, CWE-352

Read the quickstart guide →

Open Standard

The CCG Standard

Publish your codebase for AI

The Code Context Graph (CCG) is an open standard for publishing machine-readable code intelligence.

Symbols, call graphs, security findings — all in one file
Works with any LLM, any MCP client
Auto-generated by narsil-mcp, hosted on codecontextgraph.com

Explore the CCG spec →

Code Context Graph

{
  "@context": "https://codecontextgraph.com",
  "type": "CodeRepository",
  "name": "my-project",
  "symbols": [...],
  "callGraph": {...},
  "security": {
    "findings": [...]
  }
}

How narsil-mcp compares

Feature comparison with other MCP code intelligence servers

Feature	narsil-mcp	GitHub MCP	XRAY	Serena
Languages	32	N/A	4	30+
Neural search
Taint analysis
SBOM/Licenses		Partial
Offline/Local
WASM/Browser
Call graphs			Partial
Type inference

Data as of January 2026. Contribute corrections via GitHub