Snyk MCP Server
by sammcj
A standalone Model Context Protocol server for Snyk security scanning functionality. It allows integration with Claude desktop for scanning repositories and Snyk projects for security vulnerabilities.
What is Snyk MCP Server?
The Snyk MCP Server is a standalone server that enables Snyk security scanning capabilities within the Model Context Protocol (MCP) framework. It facilitates the integration of Snyk's vulnerability scanning features with applications like Claude desktop.
How to use Snyk MCP Server?
To use the server, configure your Claude desktop config (claude-config.json) with the server details, including the command to run the server and environment variables for your Snyk API key and organization ID. You can then use natural language commands within Claude to trigger repository or project scans, providing the necessary URLs or project IDs.
Key features of Snyk MCP Server
Repository security scanning using GitHub/GitLab URLs
Snyk project scanning
Integration with Claude desktop
Token verification
Multiple organization ID configuration options
Snyk CLI integration for organization ID lookup
Use cases of Snyk MCP Server
Scanning GitHub repositories for security vulnerabilities directly from Claude
Scanning GitLab repositories for security vulnerabilities directly from Claude
Verifying Snyk API token configuration
Scanning Snyk projects by ID
Centralized security scanning workflow within Claude
FAQ from Snyk MCP Server
How do I configure the Snyk API token?
Set the SNYK_API_KEY environment variable in the MCP server configuration.
How do I specify the Snyk organization ID?
You can configure the organization ID via the SNYK_ORG_ID environment variable in the MCP settings, using the Snyk CLI (snyk config set org=your-org-id), or by providing it directly in commands.
What URL format should I use for repository scanning?
Use the actual repository URL (e.g., https://github.com/owner/repo) on GitHub or GitLab. Do not use local file paths.
How can I verify my Snyk token configuration?
Ask Claude to run the verify_token command.
What if I have the Snyk CLI installed?
The server can use the CLI to get your default organization ID and show CLI configuration details in the token verification output.