The Secure Chain MCP Server provides tools for checking the status of your software supply chain within the Secure Chain ecosystem. This server helps you monitor and maintain the security of your dependencies and software components.
To deploy the Secure Chain MCP Server, you need:
git clone https://github.com/securechaindev/securechain-mcp-server.git
cd securechain-mcp-server
Create a .env.local file in the root directory using the .env.example as a template:
cp .env.example .env.local
Then edit the .env.local file to include:
openssl rand -base64 32docker network create securechain
Download the data dumps from Zenodo and unzip them. After unzipping, run:
docker compose up --build
This will start containerized databases and seed them automatically.
docker compose -f dev/docker-compose.yml up --build
Navigate to http://localhost:8000/docs#/Secure%20Chain%20Auth%20-%20User/signup_signup_post in your browser and create a user with the following JSON:
{
"email": "[email protected]",
"password": "supersecre3T*"
}
To configure the MCP server with Visual Studio Code:
.vscode if it doesn't existmcp.json{
"servers": {
"Secure Chain": {
"type": "http",
"url": "http://localhost:8005/mcp",
"headers": {
"X-Auth-Email": "[email protected]",
"X-Auth-Pass": "supersecre3T*"
}
}
}
}
When the containers are running, you can access the Neo4J browser interface at http://localhost:7474/browser/ to visualize the graph built from your data.
If you prefer to work with a Python virtual environment:
python3.13 -m venv depex-env
source depex-env/bin/activate
pip install -r requirements.txt
This will create and activate a virtual environment with all the necessary dependencies installed.
Once the server is running:
You can now integrate with GitHub Copilot or other tools that support the Model Context Protocol to analyze your software supply chain.
To add this MCP server to Claude Code, run this command in your terminal:
claude mcp add-json "Secure-Chain" '{"type":"http","url":"http://localhost:8005/mcp","headers":{"X-Auth-Email":"[email protected]","X-Auth-Pass":"supersecre3T*"}}'See the official Claude Code MCP documentation for more details.
There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.
If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.
To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".
When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:
{
"mcpServers": {
"Secure Chain": {
"type": "http",
"url": "http://localhost:8005/mcp",
"headers": {
"X-Auth-Email": "[email protected]",
"X-Auth-Pass": "supersecre3T*"
}
}
}
}To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.
Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.
The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.
You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.
To add this MCP server to Claude Desktop:
1. Find your configuration file:
~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%\Claude\claude_desktop_config.json~/.config/Claude/claude_desktop_config.json2. Add this to your configuration file:
{
"mcpServers": {
"Secure Chain": {
"type": "http",
"url": "http://localhost:8005/mcp",
"headers": {
"X-Auth-Email": "[email protected]",
"X-Auth-Pass": "supersecre3T*"
}
}
}
}3. Restart Claude Desktop for the changes to take effect