@aikidosec/mcp 0.0.1 → 1.0.0

package/README.dev.md

@@ -0,0 +1,46 @@
+# Developer Guide for aikido-mcp-server
+A TypeScript implementation of an MCP (Model Context Protocol). 
+
+## Project Structure
+- `src/` — TypeScript source code
+- `dist/` — Compiled output (after build)
+- `build.js` — Build script
+- `.github/workflows/` — CI/CD workflows
+
+## Development Setup
+1. Install dependencies:
+   ```sh
+   npm install
+   ```
+2. Build the project:
+   ```sh
+   npm run build
+   ```
+
+## Testing MCP Locally Using [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector)
+```sh
+npm run mcp-inspect
+```
+
+## Example mcp.json File to Test Integration in IDEs
+```json
+{
+  "mcpServers": {
+    "aikido": {
+      "type": "local",
+      "command": "node",
+      "args": [
+          "PATH_TO_REPO_ON_YOUR_MACHINE/aikido-mcp-server/dist/index.js"
+      ],
+      "environment": {
+        "AIKIDO_API_KEY": "your-api-key-here"
+      },
+      "allowedTools": [
+        "aikido_sast_scan",
+        "aikido_full_scan",
+        "aikido_secrets_scan"
+      ]
+    }
+  }
+}
+```

package/README.md

@@ -1,2 +1,82 @@
-# Aikido MCP
-Coming soon
+# Aikido MCP Server
+
+A lightweight Model Context Protocol (MCP) server that exposes Aikido’s Code and Secrets Scan as a tool for AI coding agents and IDEs. It lets your agent scan code and returns machine-readable findings you can triage or fix.
+
+## Prerequisites
+- **Node.js** 18 or newer
+- An **Aikido API key** (get yours from [Aikido Security](https://app.aikido.dev))
+
+## Configuration
+
+### API Key Setup
+
+The MCP server requires an Aikido API key to authenticate with the Aikido API. You can provide it in two ways:
+
+1. **Via MCP Configuration (Recommended)**: Set the `AIKIDO_API_KEY` environment variable in your MCP configuration file
+2. **Via System Environment Variable**: Set `AIKIDO_API_KEY` as a system environment variable
+
+## Add to your IDE or agent
+Below are example configurations to add to your the Aikido MCP to your IDE.
+
+### Cursor
+
+Go to `Settings` > `Cursor Settings` > `MCP & Integrations` > `New MCP server`
+
+Add the following configuration to your Cursor `~/.cursor/mcp.json` file. See [Cursor MCP docs](https://docs.cursor.com/en/context/mcp) for more info.
+
+```json
+{
+  "mcpServers": {
+    "aikido": {
+      "command": "npx",
+      "args": ["-y", "@aikidosec/mcp"],
+      "env": {
+        "AIKIDO_API_KEY": "your-api-key-here"
+      }
+    }
+  }
+}
+```
+
+**Note**: Replace `"your-api-key-here"` with your actual Aikido API key.
+
+### Windsurf
+
+Add the following config to `~/.codeium/windsurf/mcp_config.json`. See [Windsurf MCP docs](https://docs.windsurf.com/windsurf/cascade/mcp) for more info.
+
+```json
+{
+  "mcpServers": {
+    "aikido": {
+      "command": "npx",
+      "args": ["-y", "@aikidosec/mcp"],
+      "env": {
+        "AIKIDO_API_KEY": "your-api-key-here"
+      }
+    }
+  }
+}
+```
+
+**Note**: Replace `"your-api-key-here"` with your actual Aikido API key.
+
+### VS Code
+
+Open the VS Code Command Palette by using Ctrl+⇧Shift+P or ⌘Command+⇧Shift+P (macOS). Type `MCP: Open User Configuration`.
+Add the following config to the MCP config file. See [VS Code MCP docs](https://code.visualstudio.com/docs/copilot/chat/mcp-servers) for more info.
+
+```json
+{
+  "servers": {
+    "aikido": {
+      "command": "npx",
+      "args": ["-y", "@aikidosec/mcp"],
+      "env": {
+        "AIKIDO_API_KEY": "your-api-key-here"
+      }
+    }
+  }
+}
+```
+
+**Note**: Replace `"your-api-key-here"` with your actual Aikido API key.