Snyk MCP server

This MCP server enables you to run Snyk security scans directly from Claude, allowing you to analyze repositories and projects for security vulnerabilities without leaving your conversation.

Installation

To set up the Snyk MCP server with Claude desktop, you'll need to update your Claude configuration file (claude-config.json):

{
  "mcpServers": {
    "snyk": {
      "command": "npx",
      "args": [
        "-y",
        "github:sammcj/mcp-snyk"
      ],
      "env": {
        "SNYK_API_KEY": "your_snyk_token",
        "SNYK_ORG_ID": "your_default_org_id"  
      }
    }
  }
}

Replace your_snyk_token with your actual Snyk API token. The SNYK_ORG_ID field is optional but recommended for setting a default organization.

Getting Your Snyk API Token

1. Log in to your Snyk account at snyk.io
2. Navigate to your account settings
3. Find the API token section and copy your token

Setting Organization ID

You can configure your Snyk organization ID through multiple methods:

1. In the MCP settings via SNYK_ORG_ID (as shown above)
2. Using the Snyk CLI: snyk config set org=your-org-id
3. Directly in your commands to Claude

The server will check these locations in order until it finds a valid organization ID.

Verifying Your Setup

To verify your Snyk token is configured correctly, ask Claude:

Verify my Snyk token configuration

This will check if your token is valid and display your Snyk user information. If you have the Snyk CLI installed, it will also show your CLI-configured organization ID.

Using the Snyk MCP Server

Scanning GitHub or GitLab Repositories

To scan a repository for security vulnerabilities, provide the complete repository URL:

Scan repository https://github.com/owner/repo for security vulnerabilities

Important: Always use the full repository URL (e.g., https://github.com/owner/repo). Local file paths are not supported.

Scanning Snyk Projects

To scan an existing Snyk project:

Scan Snyk project project-id-here

Specifying an Organization ID

You can override your default organization ID by specifying it directly in your command:

Scan repository https://github.com/owner/repo in organisation org-id-here

Snyk CLI Integration

If you have the Snyk CLI installed (npm install -g snyk), the MCP server can use it to:

• Retrieve your default organization ID
• Fall back to CLI configuration when MCP settings are missing
• Show CLI configuration details during token verification

This integration provides a consistent experience between your CLI and MCP server usage.

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.