code-review-mcp-server
An MCP server that provides senior-level code review, quality checks, security analysis, and refactoring suggestions directly in your editor.
README
Code Review MCP Server
Status: archived / portfolio reference. Built March 2026 as a focused exploration of FastMCP + AST-based code-quality heuristics. The deterministic tools (Ruff / ShellCheck / ESLint wrappers, secret-pattern checks) still work; the LLM-style review feedback is largely overlapped by modern coding assistants, which is why this is frozen rather than actively maintained. Fork if you want to extend.
An open-source Model Context Protocol (MCP) server that brings senior-level code review into your editor. Use it with Cursor or any MCP client to get quality checks, refactor suggestions, security checks, and best-practice guidance as you code.
Quick start
git clone <this-repo>
cd mcp_server
python -m venv venv
./venv/bin/pip install -r requirements.txt
./venv/bin/python code_review_mcp_server.py
With Cursor: Add the server to your MCP config (e.g. copy mcp.json into ~/.cursor/ and set workingDirectory to this repo). Cursor will then offer tools like senior_review, review_code_quality, and security_review when you work on code.
What it does
The server exposes tools over MCP that your editor can call to:
| Area | Tools |
|---|---|
| One-shot review | senior_review — checklist and concrete suggestions (naming, errors, types, tests, security, DRY) |
| Quality | review_code_quality — long functions, nesting, type hints, error handling |
| Security | security_review — eval/exec, shell/SQL injection, hardcoded secrets, permissions |
| Refactor | refactor_code — split functions, reduce complexity, unused imports, naming |
| Structure | suggest_code_split, suggest_folder_structure, suggest_reuse — split by logic, folder layout, reuse existing code |
| Tests | generate_tests — scenarios and edge cases per function |
| Static analysis | Ruff (Python), ShellCheck (Bash), ESLint (JS/TS), patch generation |
So instead of "quick AI code," you get feedback that matches what a senior engineer would expect in a code review: clear structure, fewer security risks, and maintainable patterns.
Requirements
- Python 3.10+
- Optional: Ruff for Python linting (
pip install ruff), ShellCheck for Bash, ESLint (e.g. vianpx) for JavaScript/TypeScript
Project structure
mcp_server/
main.py # Minimal entry point
code_review_mcp_server.py # Entry point with config and logging
tools/ # MCP tools (quality, security, refactor, etc.)
utils/ # Helpers (temp files, diffs)
tests/ # Unit tests (tools, utils, common)
mcp.json # Example MCP config for Cursor
requirements.txt
requirements-dev.txt # Dev deps (pytest); optional
pyproject.toml # Project metadata and pytest config
Testing
From the project root (with the venv activated and deps installed):
python -m unittest discover -s tests -p 'test_*.py' -v
Or install dev deps and use pytest: pip install -r requirements-dev.txt then pytest tests/ -v.
Usage
-
Run the server from the project directory:
./venv/bin/python code_review_mcp_server.pyor
python main.py(both use the same config and logging). -
Use from Cursor: Point your Cursor MCP config at this repo. The example
mcp.jsonuses relative paths:workingDirectoryshould resolve to the cloned repo (e.g.../mcp_serverif the config file lives in~/.cursor). For reliability, you can setworkingDirectoryto the absolute path of this repo (e.g.~/mcp_server).
Getting better results
- Pass
file_pathwhen callingsenior_review,review_code_quality, orsecurity_review. Findings will includefile:linereferences so you can jump to the exact location. - Use
focuswithsenior_reviewto narrow the checklist:"security"(secrets, injection, permissions),"api"(naming, types, docs), or omit for the full checklist. - Review in small chunks. Run review on one file or one concern at a time; large blobs of code produce noisier or vaguer feedback.
- Ask for one thing at a time. For example: “Run security_review on this file” or “Run senior_review with focus=api on this function.”
License and author
License: MIT — see LICENSE.
Author: Dmitry Troshenkov.
Contributions and feedback are welcome.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.