Skip to main content
  • Checkmarx Documentation
  • Checkmarx One
  • MCP Server - Interacting with Checkmarx One via AI Assistant

MCP Server - Interacting with Checkmarx One via AI Assistant

Overview

Modern development and security workflows are increasingly centered around AI-assisted environments. However, traditional security tooling often requires users to leave these environments to take action, disrupting productivity and reducing engagement. The Checkmarx MCP Server addresses this gap by bringing security operations directly into the tools where users already work — making it easier to adopt, integrate, and act on security insights in real time.

The Checkmarx MCP Server acts as a translation layer between the AI assistant and the Checkmarx One REST APIs, enabling developers and security teams to interact with Checkmarx One directly from their AI assistants - within the IDE, terminal, or chat - using natural language. Users can trigger scans, retrieve findings, and query security posture within AI workflows without needing to switch to the platform UI. That means that a developer can now request a scan and immediately receive prioritized results and a security lead can query organization-wide coverage and risk trends, without disrupting their workflows.

Built on the Model Context Protocol (MCP), an open standard for connecting AI assistants to external tools and data sources, the Checkmarx MCP Server exposes a curated set of capabilities that map to Checkmarx One functionality. It acts as a controlled interface between AI agents and the Checkmarx APIs, enabling secure, structured access to data and actions through natural language. This release introduces the initial phase of the MCP Server - providing a minimal set of capabilities required to support meaningful, end-to-end workflows for both developers and AppSec teams. We will soon be adding more advanced capabilities such as automated triage, external integrations, and agent-driven workflows.

Who is it for?

  • Developers - Trigger scans and receive prioritized findings directly within the IDE or terminal, without switching between tools.

  • AppSec Engineers - Query findings by severity, type, or scanner; manage project and application inventory; and monitor scan status.

  • Security Leads - Gain organization-wide visibility into scan coverage, risk posture, and trends across teams through simple, natural language queries.

Limitations

  • Scanners - Currently supported only for SAST, SCA, IaC Security and Secrets. Additional scanners will be added soon.

  • Tools - The initial phase provides tools in the areas of remediation, scan workflow, project and application management and scan history, but does not support state changes (triage), risk prioritization or other advanced Checkmarx One workflows.

Prerequisites

Certain MCP features require the Checkmarx CLI to be installed and configured. To enable these features, ensure that the Checkmarx CLI is installed and that the MCP can access its executable path.

For best results, use credentials with matching permissions in both the Checkmarx CLI and the MCP server configuration. Permission mismatches may prevent some operations from completing successfully.

Local directory scanning specifically requires access to the Checkmarx CLI and is not available through the MCP alone.

Data Security

  • Data in encryption in transit - TLS 1.2+ on all connections

  • No credential storage or logging

  • Complete tenant segregation

  • RBAC passthrough enforced - no privilege escalation via MCP

  • Repo URL credentials always sanitized - never shown to user

  • No destructive activities (e.g., project deletion) allowed via MCP

Authentication and Permissions

Authentication is done using an OAuth login workflow or by submitting an API Key. Once authenticated, the MCP is able to interact with the relevant tenant account based on the specific set of permissions assigned to the user or API Key.

The MCP is available to all Checkmarx One customers. However, functionality is limited based on:

  • License Packages - Only tools licensed for your account are available. For example, remediation tools are only available for accounts with Checkmarx One Assist, AI Protection or Checkmarx Developer Assist license. In addition, only licensed scanners can be run.

  • User Permissions - Tools are only available to users with the relevant permission for each action (based on Checkmarx One IAM). For example, only users with permission to run scans can initiate a scan via the MCP. And, only users with access to a particular project can ask the MCP to view results for that project.

OAuth-based Authentication

Checkmarx MCP supports two types of OAuth-based authentication:

  • Predefined OAuth Client — Uses a fixed OAuth client that is registered in advance. This is the simpler option, relying on a known, shared client identity. Use this predefined clientId: cx-mcp-client

    Note

    Predefined Oauth Client is not supported for Codex CLI, Coplilot CLI, Kiro IDE, Antigravity IDE

  • Dynamic Client Registration (DCR) — The MCP client registers itself dynamically at runtime by calling the authorization server's registration endpoint, obtaining its own client credentials on the fly.

    Caution

    There is an upper limit of 500 clients per tenant using DCR authentication. When the limit is reached, the following message is displayed:

    Policy 'Max Clients Limit' rejected request to client-registration service

    In this case, you must use one of the other authentication methods for some of your users.

Installation and Configuration

Before installing the MCP, determine which authentication method you will use. For information about supported authentication methods and platform compatibility, see above.

The Checkmarx MCP can be used with any AI platform that supports the Model Context Protocol (MCP), including IDE assistants, web-based AI platforms, CLI assistants, and custom integrations.

Notice

For all installation flows, you will need to provide your Checkmarx One Server Base URL.

Installing with API Key Authentication Flow

We offer three methods for installing the MCP using API Key authentication: Installing from Marketplace, Installing from CLI and Manual Installation.

For all three methods, you will need your Checkmarx Base URL and an API Key.

Notice

To learn how to generate an API Key in Checkmarx One, see Generating an API Key.

Install from Marketplace

The MCP is available on Marketplace for many popular platforms. Simply, search for Checkmarx in the relevant marketplace and follow the platform installation flow.

Supported marketplaces include:

Notice

The MCP may not be available yet on some of these marketplaces.

Installation

  1. Search for Checkmarx in the relevant marketplace.

  2. Select Install or Add Connector, depending on your platform.

  3. Complete the configuration steps presented by the platform.

Depending on the platform, you may be asked to provide your Checkmarx Base Url and a Checkmarx One API Key.

Some platforms install the MCP configuration with placeholder values rather than prompting for configuration during installation. In these cases, open the MCP configuration file and update the placeholder values as described in Manual Installation.

Install Using CLI

You can register, authenticate and enable the MCP from the command line on supported platforms, using industry standards for MCP tools.

Install Manually

You can create a custom integration by installing the MCP manually as a JSON file in the relevant folder in your platform.

{
   "servers":{
      "checkmarx":{
         "url":"<Checkmarx_one_base_url>/api/security-mcp/mcp",
         "headers":{
            "cx-origin":"<your_platform>",
            "Authorization":"<Checkmarx_one_API_key>"
         }
      }
   }
}

Replace the placeholder values as follows:

  • In the url field, replace the placeholder with the base url for your environment.

  • For cx-origin, enter the name of the platform that you are using (Possible values: Vscode, Jetbrains, Cursor, Windsurf, Kiro) .

    Notice

    This is used for analytics tracking.

  • For Authorization, enter your API key.

Installing with OAuth Authentication Flow

Methods of installation with OAuth authentication flow vary from platform to platform. For all installation flows you will need your Checkmarx Base URL and Tenant Name. The tenant name must be specified as a dynamic path parameter in the endpoint URL, immediately following the /mcp segment.

Claude CLI

Gemini CLI

Codex CLI

Copilot CLI

Cursor IDE

Kiro IDE

Antigravity IDE

Claude Web and Claude Desktop

Checkmarx MCP can be added as custom connectors.

Note

Enterprise Administrators can introduce custom connectors as described here.

  1. Navigate to Organization settings > Connectors.

  2. Click the Add button.

  3. Hover over Custom, then select Web.

  4. Add your connector's remote MCP server URL (e.g. "${CX_BASE_URL}/api/security-mcp/mcp/{tenantName}")

  5. To use a predefined client ID, click “Advanced settings” and specify the following OAuth Client ID: cx-mcp-client

  6. Click Add.

Using the MCP

Interact with Checkmarx One via natural language chat in your AI assistant. The MCP interprets your instructions and runs the appropriate tools to provide the requested information and initiate the appropriate activities. A single prompt can trigger a series of tools, with the AI Agent requesting confirmation or additional input before moving from one step to the next.

The following is a list of tools by category. More detailed info about each tool is available below in MCP Tools.

  • Remediation

    • packageRemediation

    • codeRemediation

    • imageRemediation

  • Scan Workflow

    • planScan

    • triggerScan

    • getScanDetails

    • getLatestScans

    • listFindings

    • getFindingDetails

    • getTenantVulnerabilitiesSummary

  • Project Management

    • resolveProject

    • createProject

    • listProjects

    • getProjectConfig

  • Application Management

    • listApplications

    • getApplicationDetails

    • createApplication

    • associateProject

  • Scan History

    • listScans

Sample Workflows

Scan Project

The MCP can be used to run an E2E flow of triggering a scan, viewing results, identifying risks, and remediating those risks. The process begins by the developer entering a chat "scan this project" (or similar prompt). AI Agent runs the following tools, asking for input and/or confirmation before moving from one step to the next:

  1. resolveProject - Checks if a corresponding project already exists in your Checkmarx One account, based on project name.

    Notice

    To identify a project based on repository URL, other prompts are used. For example, trigger the listProjects tool by asking the agent to "Show Checkmarx projects", and search for the desired repository URL.

  2. createProject - If the project doesn't exist, then a new project is created.

  3. getLatestScans - For pre-existing projects, checks if a scan has already run on the same commit, enabling display of results from that scan.

  4. planScan - Checks file types and determines which scanners to run.

  5. triggerScan - The scan is run using the relevant scanners.

  6. getScanDetails - Polls the status of the scan, until it is completed.

    Notice

    For longer scans, the scan will continue running in the background and the user needs to prompt to check for completion.

    This tool also provides vulnerability summaries by severity upon scan completion.

  7. The developer can drill down further by asking additional questions like, "show me the critical vulnerabilities", "which packages have critical risks", "Show me all revealed secrets" etc. (triggering additional tools such as listFindings and getFindingDetails.

  8. After identifying a vulnerability that requires remediaton the user can give instructions to remediate by saying "fix it", "find a safer package", "remediate this finding" etc. (triggering packageRemediation, codeRemediation or imageRemediation).

MCP Tools

The following sections explain the various tools included in the MCP. The tools are grouped by category.

Warning

The "Triggered by (examples)" column is intended to provide general guidance for how these tools can be used. However, the specific phrases haven't been tested and we can't guarentee accurate results.

Remediation

These tools are used to analyze and remediate various types risks.

Warning

These tools require an Checkmarx One Assist, AI Protection or Checkmarx Developer Assist license.

Tool

Triggered by (examples)

Description

packageRemediation

  • "fix this"

  • "is this package safe"

  • "is this package malicious"

  • "remediate this finding"

  • "find a safer package"

Analyze and remediate risk for one specific package or dependency version, including CVEs and malicious package concerns.

Use when: user asks whether a specific package is safe, wants to fix a vulnerable dependency, or check if a package is malicious.

Requires: packageName, packageVersion, packageManager, issueType.

Returns: remediation guidance with safer versions and alternatives when available.

codeRemediation

  • "fix this"

  • "is this code safe"

  • "remediate this finding"

  • "revealed secrets"

  • "improve infrastructure configuration"

Provide remediation guidance for one specific code security issue, including SAST findings, exposed secrets, and IaC misconfigurations.

Use when: user wants to fix a code vulnerability such as SQL injection, XSS, a hardcoded secret, or an infrastructure misconfiguration.

Requires: type (secret/sast/iac). For sast and iac also requires finding metadata.

Returns: remediation steps and fix guidance.

imageRemediation

  • "fix this"

  • "is this image safe"

  • "remediate this finding"

  • "safer base image"

Analyze and remediate risk for one specific container image or base image reference.

Use when: user asks whether a container image is safe, wants CVE guidance for an image, or wants a safer base image.

Requires: imageName, imageTag.

Returns: image-specific remediation guidance and alternatives when available.

Scan Workflow

Use this set of tools to plan, start, and read scan progress and to view scan summaries and detailed scan results.

Notice

To optimize token usage, summaries are always returned before listing complete findings.

Tool

Triggered by (examples)

Description

planScan

  • "scan this project"

  • "scan this repo"

  • "is this code secure"

Recommend the right Checkmarx scan engines and execution strategy for a target codebase.

Use when: scanning requested and engines not specified.

Requires:

  • For local scans: representative file list.

  • For repository-based scans: repo_url. No need to provide a representative file list.

Returns: recommended engines and whether to use local CLI or repository scanning.

triggerScan

  • scan workflow

  • "run SAST"

Start a scan or return the exact local CLI command (via scan_mode).

Use when: user asks to scan.

Requires: project context and absolute source_path (cli) or project_id + repo_url (api).

Returns: scan_id and dashboard URL (api) or local command (cli).

getScanDetails

  • scan workflow

  • "check scan progress"

  • "is scan completed"

Get current status of a scan.

Use when: user asks for progress or completion.

Requires: scan_id.

Returns: status and severity summary at completion.

getLatestScans

  • scan workflow

  • "show recent scans"

  • "when was this project scanned"

Return the most recent scans for one project.

Use when: recent/latest scans requested.

Requires: project_id.

Returns: newest-first list.

listFindings

  • "show me critical risks"

  • "show me SQL Injection"

  • "are there malicious packages"

Return individual findings from a completed scan with filtering/sorting.

Use when: browsing or filtered lists.

Requires: scan_id.

Returns: triage-ready findings.

getFindingDetails

  • "explain this vulnerability"

  • 'where is this in the code"

Deep details for one finding.

Use when: explain a specific finding by ID.

Requires: scan_id, finding_id.

Returns: location, data flow, remediation metadata.

getTenantVulnerabilitiesSummary

  • "what is overall security posture"

Returns tenant-level vulnerability analytics (engine + time window). Results are not tied to a single scan.

To query for engine specific summaries, use the exact engine names: SAST, SCA, IaC or Secret Detection.

Project Management

Tool

Triggered by (examples)

Description

resolveProject

  • scan workflow

Find the project matching a given name.

Use when: workflows need project_id or existence check.

Requires: project_name.

Returns: matching project or not-found.

createProject

  • scan workflow

Create a new project after user approval. Requires: name. Returns: project_id.

listProjects

  • "show Checkmarx projects"

Browse/search projects with pagination. Returns: project list.

getProjectConfig

  • "which preset does this project use"

  • "which folders are excluded from the project"

Full configuration for one project by ID. Requires: project_id.

Returns: repository settings, tags, timestamps.

Application Management

Tool

Triggered by (examples)

Description

listApplications

  • "show all applications"

  • "which applications is this project associated with"

Browse/search applications with pagination; helpful to obtain application_id.

Returns: applications page.

getApplicationDetails

  • "which projects are associated with this application"

Full details of one application by ID.

Requires: application_id.

Returns: tags, project associations, criticality.

createApplication

  • "make an application for projects Demo1, Demo2 and Demo3"

Create a new application.

Requires: name.

Returns: application_id.

associateProject

  • "add <project_name> to <application_id>"

Link one or more projects to an application without removing existing associations.

Requires: application_id and project_name. Project UUIDs are not supported by this tool.

Returns: association result.

Scan History

Tool

Triggered by (examples)

Description

listScans

  • "show last 10 scans of the project"

  • "show last 5 failed scans"

Browse scans by project, status, branch, date range, and source.

Returns: paginated scan list.

In this section: