sonarqube-mcp-server-zed
Verified Safeby SonarSource
Overview
Integrates SonarQube (Cloud or Server) with the Zed editor, launching a Docker container to provide code quality and security analysis capabilities.
Installation
<docker_path> run -i --rm -e SONARQUBE_TOKEN -e SONARQUBE_URL -e SONARQUBE_ORG mcp/sonarqubeEnvironment Variables
- SONARQUBE_TOKEN
- SONARQUBE_URL
- SONARQUBE_ORG
Security Notes
The Rust source code itself appears well-structured and does not contain any obvious malicious patterns, direct 'eval' calls, or hardcoded secrets. It passes sensitive information (SonarQube token, URL, organization) as environment variables to the Docker command, which is a standard practice for secrets management. The primary security consideration outside this codebase is the `mcp/sonarqube` Docker image; its contents and trustworthiness are crucial for overall security, but are not available for review in the provided source code.
Similar Servers
sonarqube-mcp-server
The SonarQube MCP Server enables seamless integration with SonarQube Server or Cloud for code quality and security, supporting analysis of code snippets and acting as a backend for AI coding agents.
zed-datadog-mcp
Integrate the Zed IDE with the Datadog Remote MCP server to enable enhanced development, monitoring, and potentially AI/ML features within the editor.
medusa
This is a Model Context Protocol (MCP) server intentionally designed as a security fixture to demonstrate various critical vulnerabilities, such as command injection, SQL injection, and sensitive data exposure, for testing security scanners like Medusa.
argus-mcp
AI-powered code review and quality enhancement for multiple programming languages and environments.