Joern's Code Property Graph meets LLM tooling. This MCP server exposes 30+ static analysis operations over CPGs for Java, C/C++, JavaScript, Python, Go, Kotlin, C#, PHP, Ruby, and Swift. You get taint flow tracking, program slicing, vulnerability pattern detection (use-after-free, format strings, TOCTOU), and control flow graph extraction as MCP tools. Point it at a repo or local path, generate the CPG, then run CPGQL queries or use prebuilt detectors for common CWEs. It runs containerized, with Joern doing the heavy lifting. Custom detectors go in Scala templates without touching core code. If you're doing security research or want semantic code analysis beyond grep, this bridges the gap between program analysis and chat interfaces.
codebadger is a containerized Model Context Protocol (MCP) server that gives AI agents and LLMs deep, queryable access to a codebase's structure and data flow through Joern Code Property Graphs (CPGs).
Point it at a Git repository, a local path, or even a pasted code snippet, and codebadger builds a CPG and exposes it over MCP — so an assistant can run CPGQL queries, trace data flow and taint, slice programs, and hunt for vulnerabilities across Java, C/C++, JavaScript, Python, Go, Kotlin, C#, Ghidra, Jimple, PHP, Ruby, and Swift.
It's a general-purpose foundation for both program analysis (understanding code structure, call graphs, and data flow) and vulnerability analysis (taint tracking, bug hunting, and PoC development) — useful for academic research as well as industry security and engineering work. It's built to scale to large analysis batches with per-CPG worker pools, memory-aware scheduling, and a Postgres/Redis backend.
codebadger and its paper - Bridging Code Property Graphs and Language Models for Program Analysis - were accepted at the Software Vulnerability Management Workshop @ ICSE 2026. 🎉
Everything a developer or security researcher needs lives in docs/:
| Doc | What's in it |
|---|---|
| Installation | Prerequisites and a 5-minute local setup. |
| Usage | Connecting MCP clients, the tool catalog, and a researcher workflow. |
| Available Tools | Every MCP tool by category, with a description of what each does. |
| Configuration | config.yaml / env reference, telemetry. |
| Deployment | Postgres/Redis, memory sizing, shared vs pool, large batches. |
| Architecture | System design and diagrams. |
| Security | Threat model, trust boundaries, and production hardening. |
| Custom Tools | Add your own detectors. |
| Contributing | Dev setup, tests, and guidelines. |
| Roadmap | What's shipped and what's next. |
We'd love to hear about it - open a PR adding it to TROPHIES.md (CVE ID, project, one-line description, date).
```bibtex
@inproceedings{lekssays2026bridging,
  title={Bridging Code Property Graphs and Language Models for Program Analysis},
  author={Lekssays, Ahmed},
  booktitle={Proceedings of the 2026 IEEE/ACM 4th International Workshop on Software Vulnerability Management},
  pages={33--40},
  year={2026}
}
```