topmcps
Browse MCPs

MCP Comparison · 2026

GitHub vs Semgrep MCP Server

Comparing GitHub and Semgrep as MCP servers? GitHub (manage repos, prs & issues) is best when automated issue creation. Semgrep (run semgrep scans) is best when pre-commit sast. Both run as Model Context Protocol servers and can coexist in the same client. Updated 2026.

GitHub logo — MCP server

GitHub

Full GitHub API access: repos, PRs, issues, and code search.

Semgrep

Semgrep

Open-source SAST scanning against custom rules from an AI agent.

Side-by-side specs

Pulled from each MCP's verified fact sheet.

 GitHubSemgrep
Primary functionManage Repos, PRs & IssuesRun Semgrep scans
MaintainerGitHubSemgrep
PricingFreeOpen source
Setup complexityLow · ~5 minLow · ~5 min
Transportstdio, Streamable HTTPstdio
Auth modelAPI keyNone
LicenseMITLGPL-2.1
LanguageGoPython
Latest versionlatestlatest
Compatible clientsClaude, Cursor, Any MCP-compatible clientClaude, Cursor, VS Code, Windsurf, Any MCP-compatible client, Semgrep 1.30+
Last verified2026-05-312026-05-27

Which one should you pick?

Decision rubric drawn from each MCP's documented strengths.

Choose GitHub

  • Automated issue creation
  • PR review and management
  • Code search across repos
See full GitHub write-up →

Choose Semgrep

  • Pre-commit SAST
  • Custom rule enforcement
  • Reviewing third-party PRs
See full Semgrep write-up →

Pick something else if…

  • GitLab or Bitbucket workflows
  • Dependency-vulnerability scanning

Feature breakdown

Key capabilities each server ships out of the box.

GitHub

  • Full GitHub REST API access
  • Code search
  • Issue and PR management
  • File content reading
  • Branch and commit operations
  • Official GitHub support

Semgrep

  • Open-source rule registry
  • Custom YAML rules
  • Per-language rule selection
  • Diff-mode (scan only changed lines)
  • JSON output for agent ingestion

Install snippets

Open the detail page for ready-to-paste config for every major client.

Install GitHub

Setup snippets for Claude, Cursor, VS Code, Windsurf →

Install Semgrep

Setup snippets for Claude, Cursor, VS Code, Windsurf →

uvx semgrep-mcp

FAQ

GitHub vs Semgrep: which MCP server should I use?

Pick GitHub when automated issue creation. Pick Semgrep when pre-commit sast. GitHub is built for manage repos, prs & issues, while Semgrep focuses on run semgrep scans.

Can I run both GitHub and Semgrep together?

Yes. MCP clients run each server as a separate process and surface every server's tools simultaneously, so you can install both and let your agent decide which to call. Be deliberate with auth scopes when stacking servers.

How fresh is this comparison?

Updated for 2026. GitHub's last verification: 2026-05-31. Semgrep's last verification: 2026-05-27. We refresh detail-page facts on every catalog rebuild.

More GitHub comparisons

GitHubvsFilesystemGitHubvsGitLabGitHubvsGitGitHubvsSlack

Browse all Developer Tools MCPs? See the full ranked list →