Endor Labs
Created 5 months ago
Endor Labs MCP server integrates security scanning into your development workflow.
What is Endor Labs?
Find and fix security risks in you code. Integrate [Endor Labs](https://endorlabs.com) to scan and secure your code from vulnerabilities and secret leaks.
Documentation
Endor Labs MCP Server Documentation# Introduction
The Endor Labs MCP server integrates seamlessly into your development workflow, scanning your code as you write. You can catch issues long before they’re a problem in production.
Tools
- check_dependency_for_vulnerabilities: Check if the dependencies in your project are vulnerable.
- get_endor_vulnerability: Get the details of a specific vulnerability from the Endor Labs vulnerability database.
- get_resource: Add additional context from commonly used Endor Labs resources about your software such as findings, vulnerabilities, and projects.
- scan: Run an Endor Labs security scan to detect risks in your open source dependencies, find common security issues, and spot any credentials accidentally exposed in your Git repository.
Prerequisites
Before running the Endor Labs MCP server, ensure that you install the latest version of endorctl and authenticate to Endor Labs. The authenticated user must have at least Code Scanner and Read-Only permissions. If you wish to run SAST scans, ensure that you install Semgrep in your local system.
Configuration
To configure the MCP server, add the following configuration to your .cursor/mcp.json file:
{
"mcpServers": {
"endor-cli-tools": {
"type": "stdio",
"command": "endorctl",
"args": ["ai-tools", "mcp-server"],
"env": {"MCP_ENDOR_SCAN_LANGUAGES": "<languages to scan>"}
}
}
}
Usage
You can use the MCP server with various IDEs and CI/CD tools to enhance your development process.
Server Config
{
"mcpServers": {
"endor-labs-server": {
"command": "npx",
"args": [
"endor-labs"
]
}
}
}