Bench

Appearance

MCP Overview

Bench exposes its tools over Model Context Protocol (Streamable HTTP, JSON-RPC 2.0). Every CLI tool is available over MCP; the same handler code runs in both paths.

Connect with Claude

bash
claude mcp add --transport http bench http://localhost:8080/mcp

The endpoint is at http://localhost:8080/mcp. All tools are scoped to the single repo - no project parameter needed.

Tool groups

Tools are organized into seven groups matching the CLI categories:

GroupTools
gitsearch_code, get_blame, read_file, read_files, list_files, get_diff, list_changed_files, list_commits, list_branches
findingslist_findings, get_finding, create_finding, update_finding, delete_finding, resolve_finding, search_findings, batch_create_findings
commentslist_comments, get_comment, create_comment, update_comment, delete_comment, resolve_comment, batch_create_comments
featureslist_features, get_feature, create_feature, update_feature, delete_feature, batch_create_features, list_feature_parameters, get_feature_parameter, create_feature_parameter, update_feature_parameter, delete_feature_parameter
baselinesset_baseline, list_baselines, get_delta, delete_baseline
analyticsget_summary, get_coverage, mark_reviewed
reconcilereconcile, get_reconciliation_status, get_annotation_history

Tool reference

All tools are scoped to the single repo instance.

search_code

Search file contents with a regex pattern. Uses git grep -E (extended regex — ERE), so alternation (foo|bar), grouping ((foo)+), and +/? quantifiers work without escaping.

ParameterTypeRequiredDescription
patternstringyesExtended regex (ERE) pattern
commitstringnoCommit to search (default: HEAD)
pathstringnoScope to a directory or file
ignore_caseboolnoCase-insensitive match
fixedboolnoTreat pattern as a literal string (disables regex)
limitintnoMax matches to return (default: 100, max: 500)

get_blame

Get git blame for a file, showing who last modified each line.

ParameterTypeRequiredDescription
pathstringyesFile path
commitstringnoCommit (default: HEAD)
startintnoStart of line range
endintnoEnd of line range

read_file

Read file content at a specific commit. Returns content with line numbers prefixed (LINE\tCONTENT).

ParameterTypeRequiredDescription
pathstringyesFile path
commitstringnoCommit (default: HEAD)
startintnoFirst line to return, 1-indexed
endintnoLast line to return, inclusive

read_files

Read multiple files in a single call. Returns each file's content with line numbers prefixed, separated by a === path === header. Prefer this over repeated read_file calls when reading 2 or more files. Max 20 files per call.

ParameterTypeRequiredDescription
pathsstring[]yesFile paths relative to repo root (max 20)
commitstringnoCommit (default: HEAD)

list_files

ParameterTypeRequiredDescription
commitstringnoCommit (default: HEAD)
prefixstringnoFilter to paths under this directory prefix

get_diff

ParameterTypeRequiredDescription
fromstringyesBase commit
tostringyesTarget commit
pathstringnoScope diff to this file path

list_changed_files

ParameterTypeRequiredDescription
fromstringyesBase commit
tostringyesTarget commit

list_commits

ParameterTypeRequiredDescription
limitintnoMax commits (default: 20, max: 500)
fromstringnoStart of range (exclusive)
tostringnoEnd of range (inclusive, default: HEAD)
pathstringnoOnly commits touching this file path

list_branches

No parameters.

list_findings

ParameterTypeRequiredDescription
filestringnoFilter by file path
severitystringnoFilter by severity
statusstringnoFilter by status
categorystringnoFilter by category
resolvedboolnoInclude resolved findings (default: false)

get_finding

ParameterTypeRequiredDescription
idstringyesFinding ID

create_finding

ParameterTypeRequiredDescription
titlestringyesShort title
severitystringyescritical | high | medium | low | info
filestringyesFile path
commitstringyesCommit hash or ref (e.g. HEAD, branch name, or full SHA)
descriptionstringyesDetailed description
startintnoStart line
endintnoEnd line
cwestringnoCWE identifier (e.g. CWE-89)
cvestringnoCVE identifier
vectorstringnoCVSS vector
scorefloatnoCVSS score
statusstringnoInitial status: draft (tentative) or open (confirmed). Default: draft.
sourcestringnoTool or scanner that found it. One of pentest, tool, manual, mcp. Default: mcp.
categorystringnoCategory label
external_idstringnoExternal identifier from source system (e.g. F001, VULN-42)
featuresstring[]noFeature IDs to link to this finding

update_finding

ParameterTypeRequiredDescription
idstringyesFinding ID
titlestringnoNew title
severitystringnoNew severity
descriptionstringnoNew description
statusstringnoNew status
filestringnoNew file path (re-anchors; recomputes line hash)
commitstringnoNew commit (re-anchors; recomputes line hash)
startintnoNew start line (re-anchors; recomputes line hash)
endintnoNew end line (re-anchors; recomputes line hash)
cwestringnoNew CWE
cvestringnoNew CVE
categorystringnoNew category
external_idstringnoExternal identifier from source system
featuresstring[]noLinked feature IDs (replaces full list)

delete_finding / resolve_finding

ParameterTypeRequiredDescription
idstringyesFinding ID
commitstringyes (resolve only)Commit where it was fixed

search_findings

ParameterTypeRequiredDescription
querystringyesSearch query
statusstringnoFilter by status
severitystringnoFilter by severity

batch_create_findings

Create multiple findings in a single transaction. Accepts the same fields as create_finding in a findings array. title, severity, file, commit, and description are required per item. Optional fields: start, end, cwe, cve, vector, score, status, source, category, external_id, features. All-or-nothing — rolls back on any error.

list_comments

ParameterTypeRequiredDescription
filestringnoFilter by file path
findingstringnoFilter to comments linked to this finding
featurestringnoFilter to comments linked to this feature
resolvedboolnoInclude resolved comments (default: false)
fullboolnoReturn full comment bodies (default: false, truncates at 120 chars)

get_comment / delete_comment

ParameterTypeRequiredDescription
idstringyesComment ID

create_comment

ParameterTypeRequiredDescription
authorstringyesAuthor name
textstringyesComment text
filestringyesFile path
commitstringyesGit commit
startintnoStart line
endintnoEnd line
parentstringnoParent comment ID (inherits the parent's thread)
findingstringnoRelated finding ID
featurestringnoRelated feature ID
typestringnofeature | improvement | question | concern

update_comment

ParameterTypeRequiredDescription
idstringyesComment ID
textstringnoNew text
authorstringnoNew author name
filestringnoNew file path (re-anchors; recomputes line hash)
commitstringnoNew commit (re-anchors; recomputes line hash)
startintnoNew start line (re-anchors; recomputes line hash)
endintnoNew end line (re-anchors; recomputes line hash)

resolve_comment

ParameterTypeRequiredDescription
idstringyesComment ID
commitstringyesCommit where it was resolved

batch_create_comments

Create multiple comments in a single call. Accepts a comments array where each item takes the same fields as create_comment. author, file, commit, and text are required per item.

list_features

List architectural feature annotations, optionally filtered.

ParameterTypeRequiredDescription
filestringnoFilter by file path
kindstringnoFilter by kind: interface | source | sink | dependency | externality
statusstringnoFilter by status: draft | active | deprecated | removed | orphaned

get_feature

ParameterTypeRequiredDescription
idstringyesFeature ID

create_feature

Annotate an architectural feature: an API interface, data source/sink, dependency injection point, or externality (background worker, side-effect).

ParameterTypeRequiredDescription
filestringyesFile path
commitstringyesCommit hash or ref (e.g. HEAD, branch name, or full SHA)
kindstringyesinterface (API endpoint/handler) | source (data input: DB read, file read) | sink (data output: DB write, outbound call) | dependency (third-party lib/service) | externality (background job, scheduler, side-effect)
titlestringyesShort label. Do not include the HTTP method (e.g. "Login endpoint", not "POST /login"). Use operation for it.
startintnoStart line
endintnoEnd line
descriptionstringnoDetailed description
operationstringnoHTTP method (GET/POST/…), gRPC method name, GraphQL operation type (query/mutation/subscription), etc.
directionstringnoData flow relative to the service: in (entering) | out (leaving)
protocolstringnoProtocol (e.g. rest, grpc, graphql, websocket)
statusstringnoInitial status (default: active)
tagsstring[]noOptional tags
sourcestringnoTool or scanner that identified the feature

update_feature

ParameterTypeRequiredDescription
idstringyesFeature ID
kindstringnoNew kind
titlestringnoNew title
descriptionstringnoNew description
operationstringnoNew operation
directionstringnoNew direction
protocolstringnoNew protocol
statusstringnoNew status
tagsstring[]noNew tags
filestringnoNew file path (re-anchors; recomputes line hash)
commitstringnoNew commit (re-anchors; recomputes line hash)
startintnoNew start line (re-anchors; recomputes line hash)
endintnoNew end line (re-anchors; recomputes line hash)

delete_feature

ParameterTypeRequiredDescription
idstringyesFeature ID

batch_create_features

Create multiple feature annotations in one transaction. All-or-nothing. Accepts a features array where each item takes the same fields as create_feature. file, commit, kind, and title are required per item. Max 100 per call.

list_feature_parameters

ParameterTypeRequiredDescription
featurestringyesFeature ID

get_feature_parameter

ParameterTypeRequiredDescription
idstringyesParameter ID

create_feature_parameter

ParameterTypeRequiredDescription
featurestringyesFeature ID
namestringyesParameter name
descriptionstringnoWhat it carries or security notes
typestringnostring | integer | boolean | object | array | file
patternstringnoConstraint: regex, enum, min/max, format hint, etc.
requiredbooleannoWhether the parameter is required

update_feature_parameter

ParameterTypeRequiredDescription
idstringyesParameter ID
namestringnoNew name
descriptionstringnoNew description
typestringnoNew type
patternstringnoNew constraint
requiredbooleannoNew required flag

delete_feature_parameter

ParameterTypeRequiredDescription
idstringyesParameter ID

set_baseline

ParameterTypeRequiredDescription
reviewerstringnoWho is setting the baseline
summarystringnoOptional note
commitstringnoGit commit (default: HEAD)

list_baselines

ParameterTypeRequiredDescription
limitintnoMax baselines (default: 20)

get_delta

ParameterTypeRequiredDescription
baselinestringnoOmit to compare current state vs. latest baseline. Provide to compare that baseline against its predecessor.

delete_baseline

By default, returns a preview of what would be deleted (dry run). Set confirm to actually delete.

ParameterTypeRequiredDescription
baselinestringyesBaseline ID
confirmbooleannoSet to true to actually delete. Default: false (preview).

get_summary

Returns finding and comment counts by severity, status, and category. No parameters (or optional commit).

get_coverage

ParameterTypeRequiredDescription
commitstringnoCommit to check against
pathstringnoScope to a directory
only_unreviewedboolnoOnly return unreviewed files

mark_reviewed

ParameterTypeRequiredDescription
pathstringyesFile path
commitstringyesCommit being reviewed
reviewerstringnoReviewer name
notestringnoOptional note

reconcile

ParameterTypeRequiredDescription
targetstringnoCommit to reconcile to (default: HEAD)
filesstring[]noScope to specific files

get_reconciliation_status

ParameterTypeRequiredDescription
jobstringnoSpecific job ID
filestringnoFilter by file
commitstringnoFilter by commit (use with file)

get_annotation_history

ParameterTypeRequiredDescription
typestringyesfinding or comment
idstringyesFinding or comment ID