Skip to main content
Corridor integrates with Claude Code via MCP and hooks, ensuring that code generated by Claude Code is checked against your security guardrails.

Prerequisites

  • Claude Code installed (claude command)
  • A Corridor account with a team created

Setup

1

Install the Corridor CLI

Install the Corridor CLI with a single command:
curl -fsSL https://app.corridor.dev/cli/install.sh | bash
The CLI auto-updates on startup, so you’ll always have the latest version.The installer will run corridor install automatically to set up the Corridor plugin, MCP server, and hooks.
2

Verify the plugin

Restart Claude Code if it’s currently running. You can verify the plugin is connected by running /mcp in Claude Code.
Once configured, Claude Code will invoke Corridor’s security checks as it writes code, catching vulnerabilities and enforcing your security policies automatically.

Hooks

Hooks are deterministic scripts that run at specific points in the code generation process, enabling real-time security reviews and policy enforcement. Hooks are automatically set up by the Corridor CLI.

MCP compliance

Corridor tracks which MCP servers are active and enforces your team’s policies. To configure, navigate to the Compliance tab in the Corridor dashboard and choose Allowlist Mode or Blocklist Mode.

Stop hooks (experimental)

When Claude Code generates code, Corridor can automatically evaluate the diff, identify potential security issues, and guide Claude to remediate problems iteratively—all in the background. By default, hooks run in monitoring mode and won’t block code generation. To enable blocking behavior:
  1. Open ~/.corridor/config.env in a text editor
  2. Set CORRIDOR_BLOCKING_STOP_HOOKS=true
  3. Hooks will now prevent code with critical security issues from being applied

Troubleshooting hooks

If hooks are not running:
  • Run corridor install --force to reinstall hooks
  • Check that ~/.corridor/config.env exists and contains a valid CORRIDOR_ACCESS_TOKEN
  • Verify hooks are registered in ~/.claude/settings.json

Uninstalling

To remove the Corridor plugin and all its configuration, run: 
corridor uninstall
You’ll be prompted for confirmation before anything is removed. To skip the prompt (for example, in CI), use --non-interactive: 
corridor uninstall --non-interactive

Next steps

Guardrails

Learn how guardrails protect your code

Corridor MCP

Explore Corridor’s MCP tools