Drift

A codebase intelligence platform that detects patterns, conventions, and violations in code while maintaining memory across sessions. Exposes an MCP server with six entry points (drift_scan, drift_status, drift_tool, drift_discover, drift_workflow, drift_explain) that give AI agents access to ~70 specialized analysis utilities covering violations, security patterns, call graphs, architectural boundaries, coupling metrics, taint flows, and more. Includes a Cortex memory system for semantic memory, knowledge retrieval, and multi-agent coordination. Built with Rust (NAPI-RS bindings) and TypeScript for performance.

Evaluated Mar 06, 2026 (0d ago) vunknown

Homepage ↗ Repo ↗ Developer Tools mcp code-analysis pattern-detection convention-enforcement security-audit coupling-analysis taint-analysis rust typescript codebase-memory

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Community/specialized tool. Apply standard security practices for category. Review documentation for specific security requirements.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You have a medium-to-large codebase and want AI agents to understand deep structural patterns, enforce conventions, and maintain persistent codebase intelligence across sessions.

Avoid When

Your codebase is small or in a language not yet supported. The v2 rewrite is under active development, so expect some rough edges.

Use Cases

• Giving AI coding agents deep codebase awareness beyond file contents
• Detecting pattern violations and enforcing coding conventions via AI assistants
• Security auditing codebases through OWASP findings and taint flow analysis
• Understanding module coupling, API contracts, and architectural boundaries
• Maintaining persistent codebase knowledge across multiple AI agent sessions
• Monte Carlo simulation for change impact estimation

Not For

• Replacing a full CI/CD linting pipeline (complementary, not a replacement)
• Non-code analysis tasks
• Very small or trivial codebases where the overhead is not justified
• Languages not yet supported (currently Python, Java, PHP, TypeScript, C#)

Interface

REST API

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

OAuth: No Scopes: No

No authentication required. Runs locally against your codebase. Supabase integration present in repo suggests optional cloud sync but not documented.

Pricing

Model: open_source

Free tier: Yes

Requires CC: No

No license file found in repository. Appears open source based on public GitHub repo. License terms unclear.

Agent Metadata

Pagination

unknown

Idempotent

Partial

Retry Guidance

Not documented

Known Gotchas

⚠ V2 is a significant rewrite - v1 is deprecated, v2 is under active development
⚠ README is minimal - real documentation is buried in drift v2/docs/
⚠ License terms are unclear (no LICENSE file found)
⚠ Supabase integration suggests potential cloud dependency not well documented
⚠ ~70 tools via drift_tool may overwhelm agent context - use drift_discover to filter
⚠ Requires initial drift_scan before other tools produce useful results
⚠ Docker and stdio transport modes available but HTTP setup requires Docker

Alternatives

CodeScene SonarQube Semgrep ast-grep Sourcegraph Cody context

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Drift.

$99

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.