Description

Cycode CLI MCP server that provides security scanning capabilities for detecting secrets, vulnerabilities, and compliance issues across codebases through Cycode's security platform. Built by Cycode Ltd., the implementation integrates with their cloud-based security service to perform SAST, SCA, IaC, and secrets scanning on local files, Git repositories, and commit ranges, supporting multiple programming languages and package managers including npm, Maven, Go, Ruby, and .NET. The server handles authentication via OAuth device flow, manages scan configurations, and provides detailed security reports with remediation guidance, making it valuable for developers who want to integrate automated security scanning into their AI-assisted development workflows without manually running CLI commands or navigating web dashboards.

Installation

npx -y cycode

npm install cycode

git clone https://github.com/cycodehq/cycode-cli

Claude Desktop Configuration

Add this configuration to your Claude Desktop config file to enable this MCP server:

Config file location: ~/Library/Application Support/Claude/claude_desktop_config.json

Config file location: %APPDATA%\Claude\claude_desktop_config.json

Config file location: ~/.config/Claude/claude_desktop_config.json

claude_desktop_config.json

{
  "mcpServers": {
    "cycode-security-scanner": {
      "command": "npx",
      "args": [
        "-y",
        "cycode"
      ]
    }
  }
}