{"id":"entrepeneur4lyf-code-graph-mcp","name":"code-graph-mcp","homepage":"https://pypi.org/project/code-graph-mcp/1.2.4/","repo_url":"https://github.com/entrepeneur4lyf/code-graph-mcp","category":"devtools","subcategories":[],"tags":["mcp","code-analysis","static-analysis","call-graph","dependency-graph","complexity","ast","python"],"what_it_does":"code-graph-mcp is a Python MCP server that builds and serves a multi-language code graph for code intelligence tasks (navigation/search for symbols, call graphs, dependency graphs, complexity/health metrics) using ast-grep with caching and a file-watcher for incremental updates.","use_cases":["Codebase exploration across multiple languages (25+)","Finding definitions and references for symbols in mixed-language repos","Generating caller/callee and dependency/circular dependency graphs","Assessing complexity and maintainability / project health","Detecting potential code smells (e.g., long functions, duplication patterns)","Architecture and refactoring impact analysis via tool workflows"],"not_for":["Production deployment without reviewing runtime security and performance characteristics","Pure SaaS/API usage without a local/hosted MCP runtime","Tasks requiring authoritative semantic understanding beyond static analysis","Environments that forbid file system watchers or broad codebase indexing"],"best_when":"You have a local repository (possibly polyglot) and want an MCP-connected agent to navigate and analyze code structure, dependencies, and complexity efficiently.","avoid_when":"You need authenticated multi-tenant remote access, or you cannot grant the MCP process read access to the project files.","alternatives":["Sourcegraph (graph-based code search/indexing, hosted)","OpenRewrite/semgrep/clangd/ctags + language servers for narrower analysis","Custom MCP servers wrapping existing static analysis tools","Tree-sitter-based tooling with per-language call graph/dependency analysis"],"af_score":64.8,"security_score":23.0,"reliability_score":40.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:49:21.032924+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["None described (local MCP server process)"],"oauth":false,"scopes":false,"notes":"README describes local MCP host configuration and CLI usage but does not document authentication mechanisms, API keys, or scoped access control."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No hosted pricing described; distributed as a Python package (installation via pip/PyPI)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":64.8,"security_score":23.0,"reliability_score":40.0,"mcp_server_quality":75.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":0.0,"auth_strength":10.0,"scope_granularity":0.0,"dependency_hygiene":70.0,"secret_handling":50.0,"security_notes":"No authentication/authorization model is documented (appears designed for local use by an MCP host). The server indexes local code and logs/monitoring are mentioned, but the README does not describe logging redaction for secrets or safe handling of sensitive file contents. TLS/rate limiting are not applicable/undocumented for a local MCP server; security posture should be reviewed in the codebase.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":45.0,"error_recovery":60.0,"idempotency_support":"false","idempotency_notes":"No explicit idempotency guarantees documented for the tools; analysis operations appear read-only but file-watcher behavior suggests state/caching changes.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Server may re-analyze on file changes; repeated calls during active edits could trigger incremental indexing and higher latency.","Very large repositories may be expensive (tools labeled as expensive/moderate); agents should prefer the 'Fast' tools first.","ast-grep and caching assumptions may require sufficient CPU/RAM; environment misconfiguration (missing deps) will prevent proper graph building."]}}