io.github.ashfordeOU/grasp

MCPcommunity
v3.2.1io.github.ashfordeOUUnknownUpdated 2mo agonpmGitHub

MCP server for codebase analysis — dependency graphs, security scanning, refactor plans, and more.

Expose Grasp's codebase analysis engine as MCP tools for Claude Code and other LLM agents. Supports GitHub repositories and local directories. Analyzes dependency graphs, architecture layers, circular deps, security issues, design patterns, dead code, code metrics, git history, duplicate detection, cross-repo comparison, monorepo workspaces, runtime call graphs, database schema coupling, API…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
2mo agoLast update
Package
Authorio.github.ashfordeOU
LicenseUnknown
Version3.2.1
Sourcemcp-registry
Trust Status
F
10/100Untrusted
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+0/20
Not yet scanned — package must be on npm
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scanScan failedvunknown · 20d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

Expose Grasp's codebase analysis engine as MCP tools for Claude Code and other LLM agents. Supports GitHub repositories and local directories. Analyzes dependency graphs, architecture layers, circular deps, security issues, design patterns, dead code, code metrics, git history, duplicate detection, cross-repo comparison, monorepo workspaces, runtime call graphs, database schema coupling, API surface maps, and migration planning. Force-directed dependency graph — the same data the MCP server…

Keywords
mcp