← Back to Skills

Moai Tool Ast Grep

🌐Community
by modu-ai · vlatest · Repository

Searches your codebase for specific code patterns (AST Grep) using Moai's powerful tooling – ideal for quick bug hunting and understanding complex projects.

Install on your platform

We auto-selected Claude Code based on this skill’s supported platforms.

1

Run in terminal (recommended)

terminal
claude mcp add moai-tool-ast-grep npx -- -y @trustedskills/moai-tool-ast-grep
2

Or manually add to ~/.claude/settings.json

~/.claude/settings.json
{
  "mcpServers": {
    "moai-tool-ast-grep": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/moai-tool-ast-grep"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This tool integrates AST-Grep capabilities into AI agents, enabling them to parse and analyze code using Abstract Syntax Trees. It allows agents to search for specific patterns, types, or structures within source files with high precision.

When to use it

  • Pattern Hunting: Locate specific variable names, function signatures, or error-prone code blocks across a large codebase.
  • Refactoring Support: Identify all instances of a deprecated API usage to assist in bulk updates.
  • Security Audits: Search for hardcoded secrets or vulnerable design patterns like SQL injection points.
  • Documentation Generation: Extract function definitions and comments to auto-generate API documentation.

Key capabilities

  • Parses code into Abstract Syntax Trees (AST) for structural understanding.
  • Supports regex-based pattern matching on AST nodes.
  • Filters results by specific language types or node properties.
  • Enables deep traversal of complex code hierarchies.

Example prompts

  • "Find all instances where the fetch function is called without an error handler in this repository."
  • "List every variable named password that is defined as a string literal."
  • "Identify all functions that accept user input but do not sanitize it before database queries."

Tips & gotchas

Ensure your AI agent has access to the relevant source code files, as AST analysis requires parsing actual file contents. This tool is most effective for static analysis tasks rather than runtime behavior testing; complex logic errors may still require execution-based verification.

View Repository →

Tags

🛡️

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust HubPass
SocketPass
SnykPass

Details

Version
vlatest
License
Author
modu-ai
Installs
47
Repository (canonical source) →

🌐 Community

Passed automated security scans.