You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| [auth](#using-the-auth-command) | Authenticate your machine to associate the CLI with your Cycode account. |
295
300
| [configure](#using-the-configure-command) | Initial command to configure your CLI client authentication. |
296
-
| [ignore](#ignoring-scan-results) | Ignore a specific value, path or rule ID. |
301
+
| [ignore](#ignoring-scan-results) | Ignore a specific value, path or rule ID. |
302
+
| [mcp](#mcp-command-experiment) | Start the Model Context Protocol (MCP) server to enable AI integration with Cycode scanning capabilities. |
297
303
| [scan](#running-a-scan) | Scan the content for Secrets/IaC/SCA/SAST violations. You`ll need to specify which scan type to perform: commit-history/path/repository/etc. |
298
-
| [report](#report-command) | Generate report. You will need to specify which report type to perform as SBOM. |
304
+
| [report](#report-command) | Generate report. You will need to specify which report type to perform as SBOM. |
299
305
| status | Show the CLI status and exit. |
300
306
307
+
# MCP Command \[EXPERIMENT\]
308
+
309
+
> [!WARNING]
310
+
> The MCP command is available only for Python 3.10 and above. If you're using an earlier Python version, this command will not be available.
311
+
312
+
The Model Context Protocol (MCP) command allows you to start an MCP server that exposes Cycode's scanning capabilities to AI systems and applications. This enables AI models to interact with Cycode CLI tools via a standardized protocol.
313
+
314
+
> [!TIP]
315
+
> For the best experience, install Cycode CLI globally on your system using `pip install cycode` or `brew install cycode`, then authenticate once with `cycode auth`. After global installation and authentication, you won't need to configure `CYCODE_CLIENT_ID` and `CYCODE_CLIENT_SECRET` environment variables in your MCP configuration files.
316
+
317
+
[](https://cursor.com/install-mcp?name=cycode&config=eyJjb21tYW5kIjoidXZ4IGN5Y29kZSBtY3AiLCJlbnYiOnsiQ1lDT0RFX0NMSUVOVF9JRCI6InlvdXItY3ljb2RlLWlkIiwiQ1lDT0RFX0NMSUVOVF9TRUNSRVQiOiJ5b3VyLWN5Y29kZS1zZWNyZXQta2V5IiwiQ1lDT0RFX0FQSV9VUkwiOiJodHRwczovL2FwaS5jeWNvZGUuY29tIiwiQ1lDT0RFX0FQUF9VUkwiOiJodHRwczovL2FwcC5jeWNvZGUuY29tIn19)
318
+
319
+
320
+
## Starting the MCP Server
321
+
322
+
To start the MCP server, use the following command:
323
+
324
+
```bash
325
+
cycode mcp
326
+
```
327
+
328
+
By default, this starts the server using the `stdio` transport, which is suitable for local integrations and AI applications that can spawn subprocesses.
| `cycode_secret_scan` | Scan files for hardcoded secrets |
346
+
| `cycode_sca_scan` | Scan files for Software Composition Analysis (SCA) - vulnerabilities and license issues |
347
+
| `cycode_iac_scan` | Scan files for Infrastructure as Code (IaC) misconfigurations |
348
+
| `cycode_sast_scan` | Scan files for Static Application Security Testing (SAST) - code quality and security flaws |
349
+
| `cycode_status` | Get Cycode CLI version, authentication status, and configuration information |
350
+
351
+
### Usage Examples
352
+
353
+
#### Basic Command Examples
354
+
355
+
Start the MCP server with default settings (stdio transport):
356
+
```bash
357
+
cycode mcp
358
+
```
359
+
360
+
Start the MCP server with explicit stdio transport:
361
+
```bash
362
+
cycode mcp -t stdio
363
+
```
364
+
365
+
Start the MCP server with Server-Sent Events (SSE) transport:
366
+
```bash
367
+
cycode mcp -t sse -p 8080
368
+
```
369
+
370
+
Start the MCP server with streamable HTTP transport on custom host and port:
371
+
```bash
372
+
cycode mcp -t streamable-http -H 0.0.0.0 -p 9000
373
+
```
374
+
375
+
Learn more about MCP Transport types in the [MCP Protocol Specification – Transports](https://modelcontextprotocol.io/specification/2025-03-26/basic/transports).
376
+
377
+
#### Configuration Examples
378
+
379
+
##### Using MCP with Cursor/VS Code/Claude Desktop/etc (mcp.json)
380
+
381
+
> [!NOTE]
382
+
> For EU Cycode environments, make sure to set the appropriate `CYCODE_API_URL` and `CYCODE_APP_URL` values in the environment variables (e.g., `https://api.eu.cycode.com` and `https://app.eu.cycode.com`).
383
+
384
+
Follow [this guide](https://code.visualstudio.com/docs/copilot/chat/mcp-servers) to configure the MCP server in your **VS Code/GitHub Copilot**. Keep in mind that in `settings.json`, there is an `mcp` object containing a nested `servers` sub-object, rather than a standalone `mcpServers` object.
385
+
386
+
For **stdio transport** (direct execution):
387
+
```json
388
+
{
389
+
"mcpServers": {
390
+
"cycode": {
391
+
"command": "cycode",
392
+
"args": ["mcp"],
393
+
"env": {
394
+
"CYCODE_CLIENT_ID": "your-cycode-id",
395
+
"CYCODE_CLIENT_SECRET": "your-cycode-secret-key",
396
+
"CYCODE_API_URL": "https://api.cycode.com",
397
+
"CYCODE_APP_URL": "https://app.cycode.com"
398
+
}
399
+
}
400
+
}
401
+
}
402
+
```
403
+
404
+
For **stdio transport** with `pipx` installation:
405
+
```json
406
+
{
407
+
"mcpServers": {
408
+
"cycode": {
409
+
"command": "pipx",
410
+
"args": ["run", "cycode", "mcp"],
411
+
"env": {
412
+
"CYCODE_CLIENT_ID": "your-cycode-id",
413
+
"CYCODE_CLIENT_SECRET": "your-cycode-secret-key",
414
+
"CYCODE_API_URL": "https://api.cycode.com",
415
+
"CYCODE_APP_URL": "https://app.cycode.com"
416
+
}
417
+
}
418
+
}
419
+
}
420
+
```
421
+
422
+
For **stdio transport** with `uvx` installation:
423
+
```json
424
+
{
425
+
"mcpServers": {
426
+
"cycode": {
427
+
"command": "uvx",
428
+
"args": ["cycode", "mcp"],
429
+
"env": {
430
+
"CYCODE_CLIENT_ID": "your-cycode-id",
431
+
"CYCODE_CLIENT_SECRET": "your-cycode-secret-key",
432
+
"CYCODE_API_URL": "https://api.cycode.com",
433
+
"CYCODE_APP_URL": "https://app.cycode.com"
434
+
}
435
+
}
436
+
}
437
+
}
438
+
```
439
+
440
+
For **SSE transport** (Server-Sent Events):
441
+
```json
442
+
{
443
+
"mcpServers": {
444
+
"cycode": {
445
+
"url": "http://127.0.0.1:8000/sse"
446
+
}
447
+
}
448
+
}
449
+
```
450
+
451
+
For **SSE transport** on custom port:
452
+
```json
453
+
{
454
+
"mcpServers": {
455
+
"cycode": {
456
+
"url": "http://127.0.0.1:8080/sse"
457
+
}
458
+
}
459
+
}
460
+
```
461
+
462
+
For **streamable HTTP transport**:
463
+
```json
464
+
{
465
+
"mcpServers": {
466
+
"cycode": {
467
+
"url": "http://127.0.0.1:8000/mcp"
468
+
}
469
+
}
470
+
}
471
+
```
472
+
473
+
##### Running MCP Server in Background
474
+
475
+
For **SSE transport** (start server first, then configure client):
> The MCP server requires proper Cycode CLI authentication to function. Make sure you have authenticated using `cycode auth` or configured your credentials before starting the MCP server.
507
+
508
+
### Troubleshooting MCP
509
+
510
+
If you encounter issues with the MCP server, you can enable debug logging to get more detailed information about what's happening. There are two ways to enable debug logging:
511
+
512
+
1. Using the `-v` or `--verbose` flag:
513
+
```bash
514
+
cycode -v mcp
515
+
```
516
+
517
+
2. Using the `CYCODE_CLI_VERBOSE` environment variable:
518
+
```bash
519
+
CYCODE_CLI_VERBOSE=1 cycode mcp
520
+
```
521
+
522
+
The debug logs will show detailed information about:
523
+
- Server startup and configuration
524
+
- Connection attempts and status
525
+
- Tool execution and results
526
+
- Any errors or warnings that occur
527
+
528
+
This information can be helpful when:
529
+
- Diagnosing connection issues
530
+
- Understanding why certain tools aren't working
531
+
- Identifying authentication problems
532
+
- Debugging transport-specific issues
533
+
534
+
301
535
# Scan Command
302
536
303
537
## Running a Scan
304
538
305
539
The Cycode CLI application offers several types of scans so that you can choose the option that best fits your case. The following are the current options and commands available:
0 commit comments