🧠 brain-dev
GitHub
MCP Server

Developer intelligence, on demand.

Coverage analysis, test generation, security audits, and refactoring suggestions — all accessible as MCP tools from your AI coding assistant.

Get started Read the Handbook

Install

pip install dev-brain

Run

dev-brain

Audit

await client.call_tool("security_audit", {...})

What it does

9 tools that turn raw code into actionable developer insights.

Security Audits

OWASP-style scanning detects SQL injection, command injection, hardcoded secrets, path traversal, and insecure crypto — with CWE references.

Smart Test Generation

AST-based pytest generation with proper mocks, fixtures, and imports that actually compile and run.

Coverage Analysis

Compare observed behavior patterns against test coverage to surface the gaps that matter most.

Refactoring Suggestions

Spot complexity hotspots, duplicated logic, and naming inconsistencies across your codebase.

UX Insights

Extract UX signals — dropoff points, error clusters, and behavior anomalies — from usage patterns.

Documentation Gaps

Find missing docstrings and generate templated documentation stubs for undocumented code.

Usage

Install

pip install dev-brain

Claude Desktop config

{
  "mcpServers": {
    "dev-brain": {
      "command": "dev-brain"
    }
  }
}

Security audit

result = await client.call_tool("security_audit", {
    "symbols": [{
        "name": "execute_query",
        "file_path": "db.py",
        "line": 10,
        "source_code": "cursor.execute(f\"SELECT ...\")"
    }],
    "severity_threshold": "medium"
})

Generate tests

result = await client.call_tool(
    "smart_tests_generate",
    { "file_path": "/path/to/module.py" }
)
# Returns complete pytest file

Security Patterns Detected

Vulnerability classes the security auditor catches out of the box.

Category
Severity
CWE
SQL Injection
Critical
CWE-89
Command Injection
Critical
CWE-78
Insecure Deserialization
Critical
CWE-502
Hardcoded Secrets
High
CWE-798
Path Traversal
High
CWE-22
Insecure Crypto
Medium
CWE-327

All Tools

The complete brain-dev toolkit.

Tool
Category
Description
coverage_analyze
Analysis
Compare patterns to test coverage, find gaps
behavior_missing
Analysis
Find user behaviors not handled in code
refactor_suggest
Analysis
Complexity, duplication, and naming suggestions
ux_insights
Analysis
Extract UX signals from behavior patterns
tests_generate
Generation
Generate test suggestions for coverage gaps
smart_tests_generate
Generation
AST-based pytest with mocks and fixtures
docs_generate
Generation
Documentation templates for undocumented code
security_audit
Security
Scan for OWASP-style vulnerabilities
brain_stats
Utility
Server statistics and configuration