Skip to content

GitGuardian/gg-mcp

BranchesTags

Repository files navigation

GitGuardian MCP Server

Stay focused on building your product while your AI assistant handles the security heavy lifting with GitGuardian's comprehensive protection.

This MCP server enables your AI agent to scan projects using GitGuardian's industry-leading API, featuring over 500 secret detectors to prevent credential leaks before they reach public repositories.

Resolve security incidents without context switching to the GitGuardian console. Take advantage of rich contextual data to enhance your agent's remediation capabilities, enabling rapid resolution and automated removal of hardcoded secrets.

Key Features

  • Secret Scanning: Scan code for leaked secrets, credentials, and API keys
  • Incident Management: View, assign, and resolve security incidents related to the project you are currently working.
  • Honeytokens: Create and manage honeytokens to detect unauthorized access

Prompts examples

Remediate all incidents related to my project

Scan this codebase for any leaked secrets or credentials

Check if there are any new security incidents assigned to me

Help me understand this security incident and provide remediation steps

List all my active honeytokens

Generate a new honeytoken for monitoring AWS credential access

Show me my most recent honeytoken and help me embed it in my codebase

Create a honeytoken named 'dev-database' and hide it in config files

Prerequisites

Before installing the GitGuardian MCP servers, ensure you have the following prerequisites:

Installation

Below are instructions for installing the GitGuardian MCP servers with various AI editors and interfaces.

Installation with Cursor

Quick Install with One-Click Buttons (Cursor >= 1.0):

For Developer MCP Server:

Install Developer MCP Server

Manual Configuration:

  1. Edit your Cursor MCP configuration file located at ~/.cursor/mcp.json

  2. Add the GitGuardian MCP server configuration:

    {
  "mcpServers": {
    "GitGuardianDeveloper": {
      "command": "uvx",
      "args": [
        "--from",
        "git+https://github.com/GitGuardian/gg-mcp.git",
        "developer-mcp-server"
      ]
    }
  }
}

Installation with Claude Desktop

  1. Edit your Claude Desktop MCP configuration file located at:

    • macOS: ~/Library/Application Support/Claude Desktop/mcp.json
    • Windows: %APPDATA%\Claude Desktop\mcp.json

  2. Add the GitGuardian MCP server configuration:

    {
  "mcpServers": {
    "GitGuardianDeveloper": {
      "command": "/path/to/uvx",
      "args": [
        "--from",
        "git+https://github.com/GitGuardian/gg-mcp.git",
        "developer-mcp-server"
      ]
    }
  }
}

  3. Replace /path/to/uvx with the absolute path to the uvx executable on your system.

    ⚠️ WARNING: For Claude Desktop, you must specify the full absolute path to the uvx executable, not just "command": "uvx". This is different from other MCP clients.

  4. Restart Claude Desktop to apply the changes.

Installation with Windsurf

To use the GitGuardian MCP server with Windsurf:

  1. Edit your Windsurf MCP configuration file located at:

    • macOS: ~/Library/Application Support/Windsurf/mcp.json
    • Windows: %APPDATA%\Windsurf\mcp.json
    • Linux: ~/.config/Windsurf/mcp.json

  2. Add the following entry to the configuration file:

    {
  "mcp": {
    "servers": {
      "GitGuardianDeveloper": {
        "type": "stdio",
        "command": "uvx",
        "args": [
          "--from",
          "git+https://github.com/GitGuardian/gg-mcp.git",
          "developer-mcp-server"
        ]
      }
    }
  }
}

Installation with Zed Editor

  1. Edit your Zed MCP configuration file located at:

    • macOS: ~/Library/Application Support/Zed/mcp.json
    • Linux: ~/.config/Zed/mcp.json

  2. Add the GitGuardian MCP server configuration:

    {
  "GitGuardianDeveloper": {
    "command": {
      "path": "uvx",
      "args": [
        "--from",
        "git+https://github.com/GitGuardian/gg-mcp.git",
        "developer-mcp-server"
      ]
    }
  }
}

Authentication Process

  1. When you start the server, it will automatically open a browser window to authenticate with GitGuardian
  2. After you log in to GitGuardian and authorize the application, you'll be redirected back to the local server
  3. The authentication token will be securely stored for future use
  4. The next time you start the server, it will reuse the stored token without requiring re-authentication

Development

If you want to contribute to this project or add new tools, please see the Development Guide.

Testing

This project includes a comprehensive test suite to ensure functionality and prevent regressions.

Running Tests

  1. Run the test suite: 
    uv run pytest

This will run all tests and generate a coverage report showing which parts of the codebase are covered by tests.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

6 stars

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages