Endor Labs MCP server in Visual Studio Code

Learn how to deploy and run the Endor Labs MCP server in Visual Studio Code.

This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Learn how to deploy and run the Endor Labs MCP server in Visual Studio Code.

Beta

The Endor Labs Model Context Protocol (MCP) server integrates seamlessly into your AI-native development workflows to help you keep your code secure and fix security risks faster. You can catch issues long before they’re a problem in production and fix them faster when they already are.

This guide details how to integrate Endor Labs security capabilities directly into your Visual Studio Code development workflows using MCP.

How Endor Labs MCP server helps your Visual Studio Code workflow

Endor Labs MCP server helps your developers and AI agents in their development workflows in the following ways:

Provide guardrails for agents before code review: Reduce the number of known vulnerabilities entering your code and save developers time by checking AI agent suggestions in real time. Integrate security before an issue is discovered in CI or in production.
Improve the speed of remediating security risks: Agents uses vulnerability context from Endor Labs to help implement secure changes, from writing more secure code to upgrading dependencies.

Integrate Endor Labs MCP server into Visual Studio Code

Complete the following tasks to integrate Endor Labs MCP Server into Visual Studio Code.

Configure permissions for your developers: Ensure that your developers have Read-Only permissions to Endor Labs. See Endor Lab’s Authorization policies for more details.
Configure the MCP server: Configure the MCP server in Visual Studio Code. You can use the interactive configuration tool or manually configure the MCP server. See Configure the MCP server in Visual Studio Code for more details.

Configure the MCP server in Visual Studio Code

Prerequisites for Visual Studio Code

Before running the Endor Labs MCP server, ensure that you have Visual Studio Code version 1.99 or later and enable MCP support by setting chat.mcp.enabled to true in your Visual Studio Code settings.

Add the Endor Labs MCP server to local Visual Studio Code settings.

Navigate to the root of your repository.
Create a .vscode directory if it doesn’t exist and create an mcp.json file in the .vscode directory.
You can use the interactive configuration tool to generate the MCP server configuration for Visual Studio Code.

Endor Labs MCP Server Installation

Configure your MCP server parameters and generate a json configuration.

Authentication Mode *

Authentication mode for Endor Labs MCP server.

Required. Select "automatic" if you've already run endorctl init. Otherwise, select your external identity provider.

Tenant *

Tenant name for SSO authentication.

Required when using SSO authentication mode. Enter your tenant name.

Namespace

Your Endor Labs namespace.

Required for the MCP server configuration. Only alphanumeric characters, dots, hyphens, and underscores are allowed.

Fill in your configuration above and click Generate to create a JSON configuration.

You can also manually add the following configuration to the .vscode/mcp.json file.

{
  "servers": {
    "endor-cli-tools": {
      "command": "npx",
      "args": [
        "-y",
        "endorctl",
        "ai-tools",
        "mcp-server"
      ],
      "env": {
        "ENDOR_MCP_SERVER_AUTH_MODE": "<authentication mode>",
        "ENDOR_NAMESPACE": "<namespace>",
        "ENDOR_TOKEN": "automatic",
        "MCP_ENDOR_SCAN_DRY_RUN": "true"
      }
    }
  }
}

The following parameters are used to configure the MCP server.

ENDOR_MCP_SERVER_AUTH_MODE: The authentication mode to use for the MCP server. You can use the following authentication modes: automatic, google, github, sso. Use automatic if you’ve already logged in to Endor Labs through endorctl and do not need to authenticate again. If you choose sso, you must add ENDOR_MCP_SERVER_AUTH_TENANT as an additional parameter.
ENDOR_NAMESPACE: The namespace to use for the MCP server.
ENDOR_TOKEN: The token to use for the MCP server. Do not set this value manually. It will be set automatically by the MCP server.
MCP_ENDOR_SCAN_DRY_RUN: Whether to run the MCP server in dry run mode. Always set this value to true for the MCP server. When enabled, dry run mode allows local scanning with read-only access to Endor Labs. Scan results are not stored in dry run mode, enabling you to perform faster security scans locally without requiring write permissions to your Endor Labs account.
ENDOR_MCP_SERVER_AUTH_TENANT: The tenant name for SSO authentication. Required when ENDOR_MCP_SERVER_AUTH_MODE is set to sso.

Manage Endor Labs MCP server tools in Visual Studio Code

Open the Chat view by pressing Cmd+Option+I.
Switch to the Agent mode.
Click the Settings icon.
Select the tools that you want to enable or disable under MCP Server: endor-cli-tools.

Use the MCP server with GitHub Copilot

To use the Endor Labs MCP server with GitHub Copilot in Visual Studio Code:

Open the Chat view by pressing Cmd+Option+I.
Switch to the Agent mode.
Click the Settings icon.
Select MCP Server: endor-cli-tools from the dropdown menu.
Set up Copilot rules in .github/instructions/*.md to use the Endor Labs MCP server throughout the development process. See Copilot rules examples to learn more.

You can now use Endor Labs tools in your chat prompts to scan for vulnerabilities.

Example Copilot rules

Copilot instructions define the guidelines that Copilot should follow throughout the development process. The following examples demonstrate how to use the Endor Labs MCP server within Copilot rules.

---
description: "Ensure newly added dependencies are checked for vulnerabilities and project stays clean"
applyTo: '**/package.json, **/package-lock.json, **/yarn.lock, **/pnpm-lock.yaml, **/requirements.txt, **/Pipfile, **/Pipfile.lock, **/pyproject.toml, **/poetry.lock, **/go.mod, **/go.sum, **/Cargo.toml, **/Cargo.lock, **/pom.xml, **/build.gradle, **/build.gradle.kts, **/gradle.lockfile, **/composer.json, **/composer.lock'
alwaysApply: true
---

# Software Composition Analysis (SCA) Rule (Endor Labs via MCP)
This project uses Endor Labs for automated dependency (SCA) scanning, integrated through the MCP server as configured in `.vscode/mcp.json`.

## Workflow

Every time a manifest or lockfile listed above is created or modified in any way immediately do the following prior to performing your next task.

**Important**: Do not proceed after creating or modifying a manifest file without running this first. Do not write any other code or continue with your existing prompt. This is top priority whenever a manifest file is created or updated.

- Run `endor-cli-tools` using the `check_dependency_for_vulnerabilities` tool via the MCP server.
- Provide the **language**, **dependency name**, and **version** always when making this tool call. Do not forget to provide a version.
- If a vulnerability or error is identified:
  - Upgrade to the suggested safe version, or
  - Replace the dependency with a non-vulnerable alternative.
  - The AI agent must attempt to automatically correct all detected errors and vulnerabilities before session completion.
- Re-run the check using `endor-cli-tools` to confirm the issue is resolved.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
  - The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
  - Re-attempt the tool call with the corrected parameters.
  - Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `.vscode/mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.

This rule ensures that all dependency changes are evaluated for risk at the time of introduction, and that the project remains clean and secure after each coding session. The scan may be performed at the end of an agent session, provided all modifications are checked and remediated before session completion.

---
description: "Scan for leaked secrets on file modification"
applyTo: '**/*'
alwaysApply: true
---

# Leaked Secrets Detection Rule (Endor Labs via MCP)
This project uses @Endor Labs for automated security scanning, integrated through the MCP server as configured in `.vscode/mcp.json`.

## Workflow
Whenever a file is modified in the repository, and before the end of an agent session:
- Run `endor-cli-tools` using the `scan` tool via the MCP server to check for leaked secrets.
- Ensure the scan includes all file types and respects `.gitignore` unless otherwise configured.
- If any secrets or errors are detected:
  - Remove the exposed secret or correct the error immediately.
  - The AI agent must attempt to automatically correct all detected secrets and errors before session completion.
  - Re-run the scan to verify the secret or error has been properly removed or resolved.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
  - The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
  - Re-attempt the tool call with the corrected parameters.
  - Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.
- Save scan results and remediation steps in a security log or as comments for audit purposes.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `.vscode/mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.
- **Important**: This scan must use the path of the directory from which the changed files are in. Do not attempt to set the path directly to a file as it must be a directory. Use absolute paths like /Users/username/mcp-server-demo/backend rather than relative paths like 'backend'

This rule ensures no accidental credentials, tokens, API keys, or secrets are committed or remain in the project history. The scan may be performed at the end of an agent session, provided all modifications are checked and remediated before session completion.

---
description: "Run SAST scan using endor-cli-tools on source code changes"
applyTo: '**/*.c, **/*.cpp, **/*.cc, **/*.cs, **/*.go, **/*.java, **/*.js, **/*.jsx, **/*.ts, **/*.tsx, **/*.py, **/*.php, **/*.rb, **/*.rs, **/*.kt, **/*.kts, **/*.scala, **/*.swift, **/*.dart, **/*.html, **/*.yaml, **/*.yml, **/*.json, **/*.xml, **/*.sh, **/*.bash, **/*.clj, **/*.cljs, **/*.ex, **/*.exs, **/*.lua'
alwaysApply: true
---

# Static Application Security Testing (SAST) Rule (Endor Labs via MCP)

This project uses @Endor Labs for automated SAST, integrated through the MCP server as configured in `.vscode/mcp.json`.

## Workflow

Whenever a file is modified in the repository, and before the end of an agent session perform the following workflow:

- Run `endor-cli-tools` using the `scan` tool via the MCP server to perform SAST scans as described above.
- If any vulnerabilities or errors are found:
  - Present the issues to the user.
  - The AI agent must attempt to automatically correct all errors and vulnerabilities, including code errors, security issues, and best practice violations, before session completion.
  - Recommend and apply appropriate fixes (e.g., input sanitization, validation, escaping, secure APIs).
  - Continue scanning and correcting until all critical issues have been resolved or no further automated remediation is possible.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
  - The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
  - Re-attempt the tool call with the corrected parameters.
  - Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.
- Save scan results and remediation steps in a security log or as comments for audit purposes.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `.vscode/mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.
- Do not invoke Opengrep directly.
- **Important**: This scan must use the path of the directory from which the changed files are in. Do not attempt to set the path directly to a file as it must be a directory. Use absolute paths like /Users/username/mcp-server-demo/backend rather than relative paths like 'backend'

This rule ensures all code changes are automatically reviewed and remediated for common security vulnerabilities and errors using `endor-cli-tools` and the MCP server, with Opengrep as the underlying engine.