A community-driven registry for the Claude Code ecosystem. Not affiliated with Anthropic.
Are you the author? Sign in to claim
Strict AI code reviewer MCP server powered by Groq
Strict AI-powered code reviewer for Claude Desktop, Cursor, VS Code, and Claude Code CLI. Finds bugs, vulnerabilities, and security issues — powered by Groq (free API).
Claude / Cursor / VS Code ──MCP──► code-sanitizer ──REST──► Groq API
(server.py) (llama-3.3-70b)
| Tool | What it does |
|---|---|
analyze_code | Strict review — bugs, security issues, score 0–100 |
compare_code | Compares two versions, detects regressions, recommends merge/request_changes |
explain_code | Step-by-step explanation for junior / middle / senior audience |
generate_tests | Generates pytest / jest / go test — happy path, edge cases, security |
analyze_file | Analyzes a whole file from disk with parallel chunking |
generate_report | Builds an HTML report from any analysis result |
cache_info | Cache statistics and clearing |
{
"summary": "Critical SQL injection and secret exposed in logs",
"score": 23,
"issues": [
{
"severity": "critical",
"line": 2,
"title": "SQL Injection",
"description": "f-string directly interpolates user_id into query",
"fix": "cursor.execute('SELECT * FROM users WHERE id = %s', (user_id,))"
}
],
"warnings": [{"title": "No exception handling", "description": "..."}],
"suggestions": ["Consider using an ORM instead of raw SQL"]
}
Prerequisite: Get a free Groq API key at console.groq.com/keys — no credit card required.
claude mcp add code-sanitizer -e GROQ_API_KEY=gsk_your_key -- uvx mcp-code-sanitizer
| OS | Config file |
|---|---|
| macOS | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Windows | %APPDATA%\Claude\claude_desktop_config.json |
| Linux | ~/.config/Claude/claude_desktop_config.json |
{
"mcpServers": {
"code-sanitizer": {
"command": "uvx",
"args": ["mcp-code-sanitizer"],
"env": {
"GROQ_API_KEY": "gsk_your_key_here"
}
}
}
}
Create .cursor/mcp.json in your project (or ~/.cursor/mcp.json globally):
{
"mcpServers": {
"code-sanitizer": {
"command": "uvx",
"args": ["mcp-code-sanitizer"],
"env": {
"GROQ_API_KEY": "gsk_your_key_here"
}
}
}
}
Requires VS Code 1.99+ with GitHub Copilot. Create .vscode/mcp.json in your project:
{
"servers": {
"code-sanitizer": {
"command": "uvx",
"args": ["mcp-code-sanitizer"],
"env": {
"GROQ_API_KEY": "gsk_your_key_here"
}
}
}
}
Or add globally via Ctrl+Shift+P → "MCP: Add Server".
Don't have
uvx? Install it withpip install uv, then use the commands above.
If you prefer cloning the repo:
git clone https://github.com/notasandy/mcp-code-sanitizer
cd mcp-code-sanitizer
pip install -r requirements.txt
cp .env.example .env # add your GROQ_API_KEY
python server.py
Then point the client config to:
{
"command": "python",
"args": ["/full/path/to/server.py"],
"env": { "GROQ_API_KEY": "gsk_your_key_here" }
}
Add AI code review to any repository in 5 lines. The action posts a structured comment on every PR with score, issues, and fix suggestions.
# .github/workflows/ai-review.yml
name: AI Code Review
on:
pull_request:
types: [opened, synchronize]
permissions:
contents: read
pull-requests: write
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: notasandy/mcp-code-sanitizer@v1
with:
groq_api_key: ${{ secrets.GROQ_API_KEY }}
Add GROQ_API_KEY to your repository secrets → Settings → Secrets → Actions.
The action automatically:
After connecting, just write naturally:
Review this code for vulnerabilities:
def get_user(user_id):
query = f"SELECT * FROM users WHERE id = {user_id}"
return db.execute(query)
Or call tools explicitly:
analyze_file /path/to/my_script.py
generate_tests for this function: ...
compare_code — before vs after refactor, did it get better?
generate_report and save to /tmp/report.html
mcp-code-sanitizer/
├── server.py # FastMCP entry point
├── config.py # Constants — keys, limits, extension map
├── groq_client.py # Async Groq client with auto-retry on 429
├── cache.py # In-memory LRU cache with TTL
├── prompts.py # System prompts for all tools
└── tools/
├── analyze.py # analyze_code
├── compare.py # compare_code
├── explain.py # explain_code
├── tests.py # generate_tests
├── file_tool.py # analyze_file — chunking + parallel analysis
├── cache_tool.py # cache_info
└── report.py # generate_report — HTML output
All settings via .env or environment variables:
| Variable | Default | Description |
|---|---|---|
GROQ_API_KEY | — | Required. Get at console.groq.com |
GROQ_MODEL | llama-3.3-70b-versatile | Groq model to use |
CACHE_TTL | 3600 | Cache TTL in seconds |
CACHE_MAX | 200 | Max cached entries |
| Model | Speed | Quality |
|---|---|---|
llama-3.3-70b-versatile | Fast | Best (default) |
llama-3.1-8b-instant | Fastest | Good |
mixtral-8x7b-32768 | Fast | Great |
PRs and Issues are welcome. Most wanted:
MIT — do whatever you want. A star would be appreciated.
Run Claude Code as an MCP server so any agent can delegate coding tasks to it
Browser automation using accessibility snapshots instead of screenshots
MCP server integration for DaVinci Resolve Studio
@designcomputerSecure MCP server for MySQL database interaction, queries, and schema management
