Davide de Sio built KiroGraph as a personal side project to stop his AI agent from burning through credits just searching files. It turned into a community-driven, open-source MCP server that gives Kiro (and other AI agents) a semantic map of your codebase — reducing token usage by up to 80%. We dive into the architecture, security, and modules, how everything runs 100% locally, and how the AWS Community shaped the project's roadmap.

Key takeaways:
• Code graphs vs. grep — Tree-sitter and AST-based graph generation give AI agents a smarter navigation model, eliminating wasteful file searches.
• Architecture module — Detects patterns and prevents drift by validating your codebase against its own structural rules.
• Security module — Finds exposed secrets and vulnerabilities by tracing the call graph, born from an AWS Summit Milano talk.
• Watchman module — Auto-generates Kiro skills from repetitive patterns, building persistent memory for your agent.
• 100% local execution — Embeddings run with Nomic and summarization with Gemma 3, no data leaves your machine.
• Spec-driven development — Davide built KiroGraph with Kiro itself, using specs to drive the entire development lifecycle.
• Portability — Commit the graph to Git and share it across machines and team members.
• Community-driven roadmap — CI/CD integration, validation hooks, and container deployment are next.
With Davide de Sio, Head of Software Engineering at Eleva
KiroGraph — Open-Source Code Knowledge Graph (GitHub)
Kiro IDE — AI-Powered Development Environment
Tree-sitter — Incremental Parsing System
Nomic Embed — Local Text Embeddings
AWS Community Builders Program
Davide's Blog — Building KiroGraph
KiroGraph-Sec — From AWS Summit Milano to a Cybersecurity Feature