MCP Code Sanitizer

MCP Code Sanitizer

Strict AI code reviewer powered by Groq. Finds bugs, vulnerabilities and security issues in your code. Supports analyze, compare versions, explain code, generate tests, and HTML reports.

Category
Visit Server

README

<!-- mcp-name: io.github.notasandy/mcp-code-sanitizer -->

πŸ” mcp-code-sanitizer

A strict AI-powered code reviewer that runs your code through Groq LLM directly from Claude Desktop, Cursor, or any MCP-compatible agent.

Python FastMCP Groq License

Claude Desktop  ──MCP──►  code-sanitizer  ──REST──►  Groq API
                            (server.py)               (llama-3.3-70b)

✨ Features

Tool Description
analyze_code Strict code review β€” bugs, vulnerabilities, score 0–100
compare_code Compares two versions, finds regressions, recommends merge/request_changes
explain_code Step-by-step explanation for junior/middle/senior audience
generate_tests Generates pytest/jest/go test with happy path, edge cases, security tests
analyze_file Analyzes a whole file from disk with parallel chunking
generate_report Builds a beautiful HTML report from any analysis result
cache_info Cache statistics and clearing

Example response

{
  "summary": "Critical SQL injection and secret exposed in logs",
  "score": 23,
  "issues": [
    {
      "severity": "critical",
      "line": 2,
      "title": "SQL Injection",
      "description": "f-string directly interpolates user_id into query",
      "fix": "cursor.execute('SELECT * FROM users WHERE id = %s', (user_id,))"
    }
  ],
  "warnings": [{"title": "No exception handling", "description": "..."}],
  "suggestions": ["Consider using an ORM instead of raw SQL"]
}

πŸš€ Quick Start

1. Clone the repository

git clone https://github.com/YOUR_USERNAME/mcp-code-sanitizer
cd mcp-code-sanitizer

2. Create virtual environment and install dependencies

python -m venv venv

# macOS / Linux
source venv/bin/activate

# Windows
venv\Scripts\activate

pip install -r requirements.txt

3. Add your Groq API key

Get a free key at console.groq.com/keys

cp .env.example .env
# Open .env and set GROQ_API_KEY=gsk_...

4. Test the server

python server.py

Silence means it's working β€” the server is listening for MCP requests via stdio.

πŸ”Œ Connect to Claude Desktop

Find your config file and add the mcpServers section:

OS Config path
macOS ~/Library/Application Support/Claude/claude_desktop_config.json
Windows %APPDATA%\Claude\claude_desktop_config.json
Linux ~/.config/Claude/claude_desktop_config.json 
{
  "mcpServers": {
    "code-sanitizer": {
      "command": "/full/path/to/venv/bin/python",
      "args": ["/full/path/to/server.py"],
      "env": {
        "GROQ_API_KEY": "gsk_your_key_here"
      }
    }
  }
}

Restart Claude Desktop β€” you'll see the πŸ”§ icon in chat.

πŸ”Œ Connect to Cursor

Create .cursor/mcp.json in your project root:

{
  "mcpServers": {
    "code-sanitizer": {
      "command": "/full/path/to/venv/bin/python",
      "args": ["/full/path/to/server.py"],
      "env": {"GROQ_API_KEY": "gsk_your_key_here"}
    }
  }
}

πŸ§ͺ Testing via MCP Inspector

source venv/bin/activate  # or venv\Scripts\activate on Windows
fastmcp dev inspector server.py

A browser UI opens with full tool testing interface.

πŸ’¬ Usage in chat

After connecting to Claude Desktop, just write:

Review this code for vulnerabilities:

def get_user(user_id):
    query = f"SELECT * FROM users WHERE id = {user_id}"
    return db.execute(query)

Or explicitly call a tool:

Use analyze_file on /path/to/my_script.py
Generate tests for this function: ...
Compare these two versions and tell me if it got better: ...

πŸ—οΈ Architecture

mcp-code-sanitizer/
β”œβ”€β”€ server.py          # FastMCP entry point (39 lines)
β”œβ”€β”€ config.py          # Constants β€” keys, limits, mappings
β”œβ”€β”€ groq_client.py     # Groq API client with auto-retry on rate limits
β”œβ”€β”€ cache.py           # In-memory cache with TTL
β”œβ”€β”€ prompts.py         # System prompts for all tools
└── tools/
    β”œβ”€β”€ analyze.py     # analyze_code
    β”œβ”€β”€ compare.py     # compare_code
    β”œβ”€β”€ explain.py     # explain_code
    β”œβ”€β”€ tests.py       # generate_tests
    β”œβ”€β”€ file_tool.py   # analyze_file (chunking + parallel analysis)
    β”œβ”€β”€ cache_tool.py  # cache_info
    └── report.py      # generate_report (HTML)

βš™οΈ Configuration

All settings via environment variables or .env:

Variable Default Description
GROQ_API_KEY β€” Required. Get at console.groq.com
GROQ_MODEL llama-3.3-70b-versatile Groq model
CACHE_TTL 3600 Cache TTL in seconds
CACHE_MAX 200 Max cache entries

Available Groq models

Model Speed Quality
llama-3.3-70b-versatile ⚑⚑ ⭐⭐⭐⭐⭐ (default)
llama-3.1-8b-instant ⚑⚑⚑ ⭐⭐⭐
mixtral-8x7b-32768 ⚑⚑ ⭐⭐⭐⭐

πŸ“¦ Requirements

fastmcp>=2.3.0
httpx>=0.27.0
python-dotenv>=1.0.0

🀝 Contributing

PRs and Issues are welcome! Especially interested in:

  • Support for other LLM providers (OpenAI, Anthropic)
  • New tools (security audit, dependency check, complexity analysis)
  • Prompt improvements

πŸ“„ License

MIT β€” do whatever you want. A GitHub star would be appreciated ⭐

πŸ”— Links

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured