Endor Labs MCP server in Gemini CLI

Learn how to deploy and run the Endor Labs MCP server in Gemini CLI.
Beta

The Endor Labs MCP server helps developers and AI agents in the following ways:

  • Provide guardrails for agents before code review: Reduce the number of known vulnerabilities entering your code and save developers time by checking AI agent suggestions in real time. Integrate security before an issue is discovered in CI or in production.
  • Improve the speed of remediating security risks: Agents use vulnerability context from Endor Labs to help implement secure changes, from writing more secure code to upgrading dependencies.

The Endor Labs MCP server integrates directly into Gemini CLI to scan your code as you write, catching security issues before they reach production.

You can either install the MCP server as a Gemini extension or with Gemini CLI.

The following sections walk you through setting up the Endor Labs MCP server:

Ensure that the following prerequisites are met:

  • Gemini CLI
  • Node.js version 18 or later (required if you don’t have endorctl installed)

Select your edition, fill in any required fields, and click Copy to get the command that adds the Endor Labs MCP server to Gemini CLI.

Endor Labs MCP Server Installation

Configure your edition and copy the command to add the MCP server to Gemini CLI.

Choose your edition.

Developer Edition is free with default policies. Enterprise Edition uses your organization's policies.

Check this if you already have Endor Labs configured locally (from endorctl init). Your local configuration will be used.

Check this if endorctl is already installed on your system. The command will use endorctl directly instead of npx.

Run this command in your terminal 

        


        

          
        


        
      


      

        
          
          View manual configuration
        
        

          

            
            
          

          

        

      

    

  













    
The Endor Labs MCP server provides the following tools:


    

  • check_dependency_for_vulnerabilities: Check if a dependency in your project is vulnerable.
    • 

  • check_dependency_for_risks: Check a dependency for security risks including vulnerabilities and malware.
    • 

  • get_endor_vulnerability: Get the details of a specific vulnerability from the Endor Labs vulnerability database.
    • 

  • get_resource: Retrieve additional context from commonly used Endor Labs resources about your software, such as findings, vulnerabilities, and projects.
    • 

  • scan: Run an Endor Labs security scan to detect risks in your open source dependencies, find common security issues, and spot any credentials accidentally exposed in your Git repository.
    • 

  • security_review: Perform security review analysis on code diffs. Analyzes local uncommitted changes (both staged and unstaged) compared to HEAD, or diffs between the main branch and the last commit. Requires the Enterprise Edition. You must specify your namespace in the MCP server configuration. You must also enable AI security code review for your namespace in the Endor Labs platform. See AI security code review for setup instructions.
    • 



After you set up the MCP server, you can choose to disable the tools that you do not want to use.










The Endor Labs MCP server has two editions:


    

  • Developer Edition: A free edition that requires no configuration. A browser window opens on first use for authentication via GitHub, GitLab, or Google. The Developer Edition provides access to default security policies from Endor Labs.
    • 

  • Enterprise Edition: A paid edition that enforces your organization’s specific security policies. Authenticate using GitHub, GitLab, Google, or SSO. You must specify your namespace to access your organization’s policies.
    • 



Additionally, if you already have Endor Labs configured locally (for example, from a previous endorctl init command), the MCP server can use your pre-existing configuration.








    
The Endor Labs MCP server works out of the box with the Developer Edition. When you use the MCP server for the first time, a browser window opens, and you can authenticate with GitHub, GitLab, or Google. After authentication, the MCP server provides access to the free Developer Edition with the default security policies.



  

    
    Support
  

  

    Have questions? Email us at community-support@endor.ai.
  








Run the following command to add the MCP server to your project. This adds the server with -s project (shared with everyone in the project). See Scope options for other scopes.


gemini mcp add endor-cli-tools -- npx -y endorctl ai-tools mcp-server

Add the following to your .gemini/settings.json file in the root of your repository. This uses project scope, which is shared with everyone working on the repository.


{
  "mcpServers": {
    "endor-cli-tools": {
      "command": "npx",
      "args": [
        "-y",
        "endorctl",
        "ai-tools",
        "mcp-server"
      ]
    }
  }
}


  

    
    Already have endorctl configured?
  

  

    If you already have a local Endor Labs configuration from a previous endorctl init, add -e ENDOR_TOKEN=automatic to the CLI command (or "ENDOR_TOKEN": "automatic" to the env section in settings.json). The MCP server reuses your existing configuration without requiring additional setup.
  




/mcp list

Confirm that endor-cli-tools appears in the list. You can also use /mcp in Gemini CLI to view active MCP servers.





After installing the MCP server, try the following prompt in your AI chat or CLI to verify that the tools are working.


Check if the npm package lodash version 4.17.20 has any vulnerabilities

The MCP server uses the check_dependency_for_vulnerabilities tool to check for known vulnerabilities and return the results. If you see a response with vulnerability details, the MCP server is working correctly.




For Enterprise Edition, you need your organization’s Endor Labs namespace and an authentication method. Ensure that your developers have Read-Only permissions to Endor Labs. See Authorization policies for more details.


Use the interactive setup tool above to configure your organization’s namespace and authentication method, and set up the MCP server.


gemini mcp add -s user \
  -e ENDOR_NAMESPACE=<namespace> \
  -e ENDOR_MCP_SERVER_AUTH_MODE=<google|github|gitlab|sso> \
  -e ENDOR_TOKEN=automatic \
  endor-cli-tools -- npx -y endorctl ai-tools mcp-server

If you want to use SSO authentication, you must also add ENDOR_MCP_SERVER_AUTH_TENANT to the environment variables.


gemini mcp add -s user \
  -e ENDOR_NAMESPACE=my-org \
  -e ENDOR_MCP_SERVER_AUTH_MODE=sso \
  -e ENDOR_MCP_SERVER_AUTH_TENANT=my-tenant \
  -e ENDOR_TOKEN=automatic \
  endor-cli-tools -- npx -y endorctl ai-tools mcp-server

For example, if your Endor Labs namespace is my-org and you want to use Google authentication, run the following command:


gemini mcp add -s user \
  -e ENDOR_NAMESPACE=my-org \
  -e ENDOR_MCP_SERVER_AUTH_MODE=google \
  -e ENDOR_TOKEN=automatic \
  endor-cli-tools -- npx -y endorctl ai-tools mcp-server

Add the following to your ~/.gemini/settings.json file to add the MCP server at user scope.


{
  "mcpServers": {
    "endor-cli-tools": {
      "command": "npx",
      "args": [
        "-y",
        "endorctl",
        "ai-tools",
        "mcp-server"
      ],
      "env": {
        "ENDOR_NAMESPACE": "<namespace>",
        "ENDOR_MCP_SERVER_AUTH_MODE": "<google|github|gitlab|sso>",
        "ENDOR_TOKEN": "automatic"
      }
    }
  }
}

If you want to use SSO authentication, you must also add ENDOR_MCP_SERVER_AUTH_TENANT to the env section.


{
  "mcpServers": {
    "endor-cli-tools": {
      "command": "npx",
      "args": [
        "-y",
        "endorctl",
        "ai-tools",
        "mcp-server"
      ],
      "env": {
        "ENDOR_NAMESPACE": "<namespace>",
        "ENDOR_MCP_SERVER_AUTH_MODE": "sso",
        "ENDOR_MCP_SERVER_AUTH_TENANT": "<tenant>",
        "ENDOR_TOKEN": "automatic"
      }
    }
  }
}

Replace <namespace> with your Endor Labs namespace and choose your authentication mode.






    
The following parameters are used to configure the MCP server. All parameters are optional. If no parameters are provided, the MCP server defaults to the Developer Edition with browser authentication.


    

  • ENDOR_MCP_SERVER_AUTH_MODE: (Optional) The authentication mode to use for the MCP server. You can use the following authentication modes: github, gitlab, google, sso. If you choose sso, you must add ENDOR_MCP_SERVER_AUTH_TENANT as an additional parameter. If not specified, the MCP server defaults to browser authentication for the Developer Edition.
    • 

  • ENDOR_NAMESPACE: (Optional) The namespace to use for the MCP server. Required for Enterprise Edition to access your organization’s specific policies. Not needed for Developer Edition.
    • 

  • ENDOR_TOKEN: (Optional) Set to automatic to reuse an existing local endorctl configuration. When set to automatic, the MCP server skips browser authentication and uses your stored credentials. Do not set this to any other value; the MCP server manages the token internally during authentication.
    • 

  • ENDOR_MCP_SERVER_AUTH_TENANT: (Optional) The tenant name for SSO authentication. Required when ENDOR_MCP_SERVER_AUTH_MODE is set to sso for Enterprise Edition access.
    • 





/mcp list

Confirm that endor-cli-tools appears in the list. You can also use /mcp in Gemini CLI to view active MCP servers.





After installing the MCP server, try the following prompt in your AI chat or CLI to verify that the tools are working.


Check if the npm package lodash version 4.17.20 has any vulnerabilities

The MCP server uses the check_dependency_for_vulnerabilities tool to check for known vulnerabilities and return the results. If you see a response with vulnerability details, the MCP server is working correctly.




Gemini CLI supports two MCP configuration scopes:


    

  • -s project: Shared with everyone in the project via .gemini/settings.json file (default).
    • 

  • -s user: Available to you across all projects via ~/.gemini/settings.json.
    • 



/mcp list

In Gemini CLI, use /mcp to view and manage your active MCP servers.


To enhance the MCP server integration, you can add instructions in GEMINI.md at the root of your repository. Gemini CLI reads GEMINI.md files to guide AI development with your project-specific instructions.


    

  1. 

    Navigate to the root of your repository.
    

    2. 

  2. 

    Create or edit the GEMINI.md file in the root of your repository.
    

    3. 

  3. 

    Add appropriate rules for your project. For example, you can add a rule to check if the code is free from vulnerabilities.
    

    4. 



You can use the following GEMINI.md instructions as a quick start for the Endor Labs MCP server. Modify the instructions to meet your specific organization’s needs. For more information, refer to the Gemini CLI documentation.




    

        
# Software Composition Analysis (SCA) Rule (Endor Labs via MCP)

This project uses Endor Labs for automated dependency (SCA) scanning, integrated through the MCP server.

## Workflow

Every time a manifest or lockfile (package.json, requirements.txt, go.mod, pom.xml, etc.) is created or modified in any way, immediately do the following prior to performing your next task.

**Important**: Do not proceed after creating or modifying a manifest file without running this first.

- Run `endor-cli-tools` using the `check_dependency_for_vulnerabilities` tool via the MCP server.
- Provide the **ecosystem**, **dependency name**, and **version** always when making this tool call.
- If a vulnerability or error is identified:
  - Upgrade to the suggested safe version, or
  - Replace the dependency with a non-vulnerable alternative.
- Re-run the check using `endor-cli-tools` to confirm the issue is resolved.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`). Do not invoke `endorctl` directly.


    

    

        
# Leaked Secrets Detection Rule (Endor Labs via MCP)

This project uses [Endor Labs](https://docs.endorlabs.com/) for automated security scanning, integrated through the MCP server.

## Workflow

Whenever a file is modified in the repository, and before the end of an agent session:

- Run `endor-cli-tools` using the `scan` tool via the MCP server to check for leaked secrets.
- If any secrets or errors are detected:
  - Remove the exposed secret or correct the error immediately.
  - Re-run the scan to verify the secret has been properly removed.
- Save scan results and remediation steps in a security log or as comments for audit purposes.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`). Do not invoke `endorctl` directly.
- This scan must use the path of the directory from which the changed files are in. Use absolute paths.


    

    

        
# Static Application Security Testing (SAST) Rule (Endor Labs via MCP)

This project uses [Endor Labs](https://docs.endorlabs.com/) for automated SAST, integrated through the MCP server.

## Workflow

Whenever a file is modified in the repository, and before the end of an agent session:

- Run `endor-cli-tools` using the `scan` tool via the MCP server to perform SAST scans.
- If any vulnerabilities or errors are found:
  - Present the issues to the user.
  - Recommend and apply appropriate fixes (e.g., input sanitization, validation, escaping, secure APIs).
- Save scan results and remediation steps in a security log or as comments for audit purposes.

## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`). Do not invoke `endorctl` directly.
- Do not invoke Opengrep directly.
- This scan must use the path of the directory from which the changed files are in. Use absolute paths.


    




As an alternative to the MCP server configuration, you can install the Endor Labs MCP server as a Gemini extension. You can find the extension on GitHub.


gemini extensions install https://github.com/endorlabs/gemini-extension.git

No additional configuration is required for Developer Edition. When you first use a tool, a browser window opens allowing you to authenticate with GitHub, GitLab, or Google.


For Enterprise Edition, use a natural language command in Gemini CLI to initiate an authentication flow with your organization’s namespace after installing the extension. For example:


Initialize Endor Labs with Google authentication using the command endorctl init --auth-mode=google






    
Use the following troubleshooting steps to resolve common issues with the Endor Labs MCP server.







    
        
        MCP server shows as disconnected or errored
    
    

        
    

  • Verify Node.js and npx are available: run npx --version in your terminal. If the command fails, install Node.js version 18 or later.
    • 

  • Restart your IDE or CLI to reload the MCP server configuration.
    • 

  • Check your config for syntax errors. Use a JSON or TOML validator, or switch to the configuration tool or CLI command instead of manual editing.
    • 



    









    
        
        Authentication browser window does not open
    
    

        
    

  • Ensure your IDE or CLI can open a browser. Check firewall or security software that might block browser launch.
    • 

  • For Enterprise Edition, confirm ENDOR_MCP_SERVER_AUTH_MODE is set correctly (google, github, gitlab, or sso). For SSO, ensure ENDOR_MCP_SERVER_AUTH_TENANT is provided.
    • 



    









    
        
        endorctl download times out
    
    

        
If npx -y endorctl hangs or times out (for example, behind a corporate proxy or firewall), install endorctl globally and update your MCP config to use it. For more information, see Install endorctl.


After installing endorctl, update your MCP config to call endorctl directly instead of npx.


Replace the command and args entries with:


"command": "endorctl",
"args": ["ai-tools", "mcp-server"]

Alternatively, configure your proxy settings for npm.


    









    
        
        Tools return errors when invoked
    
    

        
    

  • If you are using the Enterprise Edition, verify whether your namespace is correct and that your user has Read-Only permissions. See Authorization policies for details.
    • 

  • Ensure endorctl is on your PATH if you installed it globally instead of using npx.
    • 

  • Check that the working directory or project path is valid when invoking tools.
    • 



    









    
        
        Config file has a syntax error and the IDE gives no useful message
    
    

        IDEs often fail silently on invalid configuration. Validate your config file (for example, .cursor/mcp.json, .vscode/mcp.json, .mcp.json, or .codex/config.toml) with a JSON or TOML linter. Alternatively, use the configuration tool or CLI command for your platform instead of editing the file manually.