MCP.so

Code Reason

Created By
ph0smet18 days ago
MCP server that gives coding agents program-analysis primitives — data flow, call graphs, taint analysis — so they reason from ground truth instead of grep-and-guess."
OverviewContentToolsComments
Overview

Program analysis for your coding agents.

Instead of grep-and-guess, provide your agents program analysis capabilities with code-reason.

code-reason is an MCP server that gives coding agents real program-analysis primitives — data-flow reachability, call-graph traversal, evidence-chain construction — so they verify code behavior from ground truth instead of speculation.

What is code-reason?

An MCP server that gives coding agents real program-analysis capabilities —
data-flow reachability, call-graph traversal, evidence-chain construction, and source/sink taint analysis. Built on Fraunhofer AISEC's Code Property
Graph (CPG) for Java and Python codebases.

The problem it solves

Without a code-analysis tool, a coding agent answers whole-program questions by manual grep-based tracing. That works for trivial cases and breaks silently on anything non-trivial — aliased variables, inter-procedural flow, sanitization checks. The agent still produces an answer, often confidently,
and a confident wrong answer is the dangerous kind for security work.

code-reason gives the agent ground-truth primitives instead of speculation.
The agent decides what's interesting; code-reason answers what's actually true.

What you get

  • 9 MCP tools — analyze, find entry points, find callers/callees, query data flow, trace taint paths, catalog-driven injection scan, plus supporting tools for evidence retrieval
  • One analyze pass, unlimited queriesreason_analyze_project builds
    the CPG once; every subsequent tool is a cheap in-memory query
  • Compact structured answers — JSON evidence chains with intermediate
    steps and code context, not "looks like SQLi maybe"
  • ~30-40% fewer agent tokens on multi-step security reviews, validated on real Java codebases
  • MCP-native — tested with Claude Code; works with any MCP-compatible coding agent

Example session

  1. Agent calls reason_analyze_project on the target codebase
  2. Agent calls reason_find_entry_points to enumerate where external input enters
  3. For each suspicious entry, agent traces downstream with reason_query_dataflow and reason_find_callees
  4. When a flow reaches a sensitive call, agent calls reason_trace_taint_path for the full source-to-sink evidence chain
  5. Agent reasons from the structured result and decides what to investigate
    next

The catalog-driven reason_scan_injections is available as a quick
first-pass for SQLi / XSS / command injection, but the headline value is the agent composing its own investigation from the primitives.

Try in Playground

Server Config

{
  "mcpServers": {
    "code-reason": {
      "command": "/absolute/path/to/build/install/code-reason/bin/code-reason",
      "args": [
        "--stdio"
      ]
    }
  }
}
Project Info
Created At
18 days ago
Updated At
18 days ago
Author Name
ph0smet
Star
-
Language
-
License
-
Category
Tags
Homepage
https://github.com/ph0smet/code-reason

Recommend Servers

View All
Redis
@modelcontextprotocol

A Model Context Protocol server that provides access to Redis databases. This server enables LLMs to interact with Redis key-value stores through a set of standardized tools.

a year ago
Ux Skill
@Laith0003

A deterministic, offline design-intelligence engine for AI coding tools. Replaces improvised UI generation with structured constraints plus a rule-based anti-AI-slop linter. Ships as a Claude Code plugin, a Python package, an MCP server (18 tools), and a 17-IDE installer.

4 hours ago
Screenshot
@faridmth

Description: Capture website screenshots from any MCP client via the ScreenshotRender API. Returns the image inline plus a hosted URL and page metadata. Bring your own ScreenshotRender API key.

2 days ago
Neural-OS
@Timwal78

Neural-OS — The mobile-first AI agent OS. Featuring sovereign agent tools for DePIN compute arbitrage, data bounty hunting, enterprise lead bartering, and live crypto pricing execution.

4 hours ago
Conclave Ai Agent Arena

Competitive arena for AI agents via MCP. Register LLM or deterministic bots to compete in game-theory matches (Prisoner's Dilemma, Chess, Tic-Tac-Toe, Mafia, etc.) with ELO rankings, replays, and public leaderboards.

2 days ago
Agentdrive
@Rakesh1002

AgentDrive is a cross-agent artifact workspace with provenance and portable storage across Claude Code, Codex, Cursor, and LangGraph. 20 MCP tools: file CRUD, semantic recall over workspace artifacts, run logging, cross-agent attribution, comments, and shares. Connect to the hosted server at https://mcp.agentdrive.sh/mcp with an Authorization: Bearer key, or run locally via npx @adrive/mcp-server. Free tier (1 GB + 10k embeddings) at https://app.agentdrive.sh — no credit card.

an hour ago
Tolstoy Library
@GoTolstoy

Browse, search, rename, and favorite your Tolstoy media library — videos, images, social imports, and AI drafts — from any AI client.

2 days ago
Agentmagnet
@egri-creator

Universal product search across 40+ stores (Amazon 22 countries, eBay 22 countries, Awin 15k merchants, AliExpress, SaaS, B2B) — 52 languages, x402 micropayments.

a day ago
Madeonsol — Solana Kol & Memecoin Intelligence
@LamboPoewert

Real-time Solana memecoin intelligence for AI agents and trading bots — KOL wallet trades, Pump.fun deployer reputation, token quality scoring, wallet PnL, and pre-confirm launch alerts. 40+ tools. Free API key, or pay-per-call via x402.

14 hours ago
Airtreks Mcp
@SEKeener

a day ago
Runapi Mcp Server
@runapi-ai

MCP server for AI image generation, video generation, music creation, text-to-speech, and LLM chat. 130+ models from Flux, Kling, Seedance, Veo, Suno, ElevenLabs, Claude, GPT, Gemini, and more. Browse models, check pricing, create tasks, and poll results. Free model discovery without API key. Works with Claude Code, Cursor, Codex, Windsurf, and any MCP host.

a day ago
Zhipu Web Search
@BigModel

Zhipu Web Search MCP Server is a search engine specifically designed for large models. It integrates four search engines, allowing users to flexibly compare and switch between them. Building upon the web crawling and ranking capabilities of traditional search engines, it enhances intent recognition capabilities, returning results more suitable for large model processing (such as webpage titles, URLs, summaries, site names, site icons, etc.). This helps AI applications achieve "dynamic knowledge acquisition" and "precise scenario adaptation" capabilities.

a year ago
Agent Knowledge
@Ddhjx-code

AI Agent 岗位模拟面试 MCP Server —— 基于 FAISS + bge-base-zh-v1.5 构建的 RAG 知识库,为 AI Agent 技术面试提供语义检索、分级题库和个性化学习路径。

a day ago
Blender
@ahujasid

BlenderMCP connects Blender to Claude AI through the Model Context Protocol (MCP), allowing Claude to directly interact with and control Blender. This integration enables prompt assisted 3D modeling, scene creation, and manipulation.

a year ago
Test
@modelcontextprotocol

test

6 months ago
Cricketstudio Mcp
@i-m-arul

29 MCP tools for IPL 2026, IPL historical (18 seasons), and Major League Cricket. Free, no API key.

18 hours ago
Slack
@modelcontextprotocol

Channel management and messaging capabilities

a year ago
AI SEO Magic Button
@AutomateLab-tech

Point it at your site, get a whole-site AEO/GEO audit plus a ready-to-run plan your agent can execute. Orchestrates the ai-seo and citation-intelligence MCPs. Ships as a Claude skill, Claude plugin, and MCP server. No API keys required for the core audit-to-plan flow.

a day ago
Modal MCP
@george-bobby

An MCP server for managing Modal — apps, containers, volumes, and secrets — and for deploying & running Modal apps directly from Claude Code and other MCP clients. Every tool shells out to your local modal CLI, so it operates against whatever Modal profile and credentials are configured on your machine. There are no extra tokens to manage.

4 hours ago
Baidu Map
@baidu-maps

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

a year ago
Upnote Lens Mcp
@elsboo

Let AI read, search, and summarize your UpNote notes — and create new ones — right from your chat.

2 hours ago
Superfact
@Rizvi Haider

Superfact is a remote MCP server that turns your agent's output into a beautiful, shareable public page. Call superfact.publish with structured JSON and a template, and get a clean public URL back in seconds. No model in the publish path: JSON in, templated HTML out. Vendor-neutral and MCP-native. Free during preview.

2 days ago
Sigstore
@3089464667

a day ago
MCP Advisor
@istarwyh

MCP Advisor & Installation - Use the right MCP server for your needs

TypeScript
a year ago
Indotender Mcp
@IndoTender

Connect your AI assistant to IndoTender — Indonesian government procurement data via the Model Context Protocol. Search LPSE tenders, procurement realisasi, company profiles, treasury payments, and government agency directories — all from your AI chat.

18 hours ago
Tavily Mcp
@tavily-ai

JavaScript
a year ago
Qiniu MCP Server
@Qiniu

基于七牛云产品构建的 Model Context Protocol (MCP) Server,支持用户在 AI 大模型客户端的上下文中通过该 MCP Server 来访问七牛云存储资源、利用 Dora 服务进行图片操作等。 如果有什么需求欢迎在下方评论,您也可以在 github 仓库中提 issue。

Python
a year ago
Bucket Feature Flags MCP Server
@bucketco

Flag features directly from chat in your code editor, including VS Code, Cursor, Windsurf, Claude Code—any IDE with MCP support.

a year ago
Neon MCP Server
@neondatabase-labs

MCP server for interacting with Neon Management API and databases

TypeScript
a year ago
Google Maps
@modelcontextprotocol

Location services, directions, and place details

a year ago