MCP Integration
Use SecurityChecks with AI coding assistants via the Model Context Protocol (MCP).
MCP Integration
SecurityChecks ships a Model Context Protocol server that lets AI coding assistants scan your code for security invariants while you work. No context switching — your assistant runs scans, explains findings, and generates proof tests inline.
Why MCP?
Traditional security scanning lives outside the development loop. You write code, push, wait for CI, then read a report. MCP closes that gap:
- Scan as you code — your AI assistant triggers scans contextually
- Understand findings immediately — ask "why does this matter?" and get a staff-engineer-level explanation
- Generate proof tests — produce test skeletons that prove the invariant is enforced
- Report false positives — improve accuracy with inline feedback
Installation
npm install -g @securitychecks/mcp
This installs the scheck-mcp binary, which runs a stdio-based MCP server.
Configuration
Claude Code
Add to your claude_desktop_config.json (or project-level .mcp.json):
{
"mcpServers": {
"scheck": {
"command": "scheck-mcp",
"env": {
"SCHECK_MCP_ALLOWED_ROOTS": "."
}
}
}
}
Cursor
Add to .cursor/mcp.json in your project root:
{
"mcpServers": {
"scheck": {
"command": "scheck-mcp",
"env": {
"SCHECK_MCP_ALLOWED_ROOTS": "."
}
}
}
}
Available Tools
The MCP server exposes 6 tools:
| Tool | Description |
|---|---|
scheck_run | Run a full security audit on a path. Returns findings with severity, evidence, and staff-engineer context. |
scheck_list_findings | List findings from the last scan, optionally filtered by severity (P0, P1, P2). |
scheck_explain | Deep-dive on any invariant — why it matters, what incidents it prevents, and what proof is required. |
scheck_list_invariants | List all invariants, optionally filtered by category or severity. |
scheck_generate_test | Generate a test skeleton (vitest, jest, or playwright) that proves a pattern is enforced. |
scheck_feedback | Report a finding as true positive or false positive to improve accuracy. |
Environment Variables
| Variable | Description |
|---|---|
SCHECK_MCP_ALLOWED_ROOTS | Comma-separated list of directories the server is allowed to scan. Use . for the current working directory. |
MCP_ALLOWED_ROOTS | Alias for SCHECK_MCP_ALLOWED_ROOTS. |
If neither variable is set, the server defaults to the git repository root (if detected). It will refuse to scan if no allowed roots can be determined.
Usage Example
Here's a typical conversation flow with an AI assistant that has the SecurityChecks MCP server configured:
You: "Scan this project for security issues."
The assistant calls scheck_run with your project path and returns a summary:
Found 3 findings: 1 P0, 2 P1
P0: WEBHOOK.IDEMPOTENT
Webhook handler processes events without checking if already handled.
File: src/webhooks/stripe.ts:42
You: "Explain why webhook idempotency matters."
The assistant calls scheck_explain with WEBHOOK.IDEMPOTENT:
Staff engineer asks: "What happens when Stripe retries this webhook?
Will we double-charge the customer?"
Required proof: Test that sending the same event twice results in
the side effect happening only once.
You: "Generate a test for that."
The assistant calls scheck_generate_test with WEBHOOK.IDEMPOTENT and vitest:
describe('Webhook Idempotency', () => {
it('handles duplicate webhook events idempotently', async () => {
const event = { id: 'evt_test_123', type: 'payment.succeeded', data: { amount: 1000 } };
await processWebhook(event);
await processWebhook(event); // duplicate
const payments = await getPaymentRecords();
expect(payments.filter((p) => p.eventId === event.id)).toHaveLength(1);
});
});
You: "That first finding is actually handled by our middleware. Mark it as a false positive."
The assistant calls scheck_feedback with WEBHOOK.IDEMPOTENT, verdict false_positive, and reason missing_context.