Skip to main content
Corridor’s MCP server provides tools that enable AI coding assistants to directly interact with your security data. When you use Claude Code, Cursor, or other MCP-compatible tools, the AI assistant can access and manage your Corridor findings and guardrails.

Available tools

ToolDescription
getFindingsRetrieve security findings with filters for state (open/closed/potential), severity, and limit
getFindingGet detailed info about a specific finding including description, affected code, and remediation guidance
updateFindingStateMark findings as closed (false positive, risk accepted, fixed) or reopen them
getGuardrailsGet security guardrails and context documents for a project
createGuardrailCreate new security guardrails programmatically
listProjectsList all Corridor projects you have access to

Example conversation

You: "What are the open critical security issues in this project?"

Claude: [Uses getFindings with state='open', severity='critical']
       "I found 3 critical security findings:
        1. SQL Injection in auth.ts:42
        2. XSS vulnerability in render.tsx:87
        ..."
Your AI assistant can also:
  • “Show me details about finding X” → calls getFinding
  • “Mark this finding as a false positive” → calls updateFindingState
  • “What guardrails should I follow?” → calls getGuardrails
  • “Create a guardrail for SQL injection prevention” → calls createGuardrail

Requirements

  • Corridor extension installed and authenticated
  • MCP enabled for your team (team setting)
  • IDE Extension Support entitlement on your plan
  • User must be a member of a team that owns the project

Security notes

  • Tools validate team membership before granting access
  • Uniform 404 responses prevent information leakage
  • Admin operations reject API tokens (require user auth)

Next steps

Findings

Track and remediate security issues

Guardrails

Configure security guardrails