MCP Veracode MCP Server

1

Add it to Claude Code

Run this in a terminal.

Run in terminal
claude mcp add -e "VERACODE_API_ID=${VERACODE_API_ID}" -e "VERACODE_API_SECRET=${VERACODE_API_SECRET}" mcp-veracode -- npx -y github:landscapedotcl/mcp-veracode
Required:VERACODE_API_IDVERACODE_API_SECRET
README.md

An MCP server to query Veracode security services from Claude Code.

MCP Veracode

MCP server para consultar Veracode desde Claude Code.

Tools

Tool Descripcion
veracode_applications Listar y buscar aplicaciones
veracode_findings Vulnerabilidades y flaws de una aplicacion
veracode_scan_status Estado de scans y summary report
veracode_policy_compliance Estado de cumplimiento de politicas

Instalacion

Agregar a ~/.claude/mcp.json:

{
  "mcpServers": {
    "veracode-mcp": {
      "command": "npx",
      "args": ["-y", "github:landscapedotcl/mcp-veracode"],
      "env": {
        "VERACODE_API_ID": "tu_api_id",
        "VERACODE_API_SECRET": "tu_api_secret"
      }
    }
  }
}

Reiniciar Claude Code para que cargue el MCP server.

Autenticacion

Usa HMAC-SHA-256 con API ID y API Secret, el metodo estandar de Veracode.

Las credenciales se generan en Veracode > Account Settings > API Credentials.

Uso

# Listar aplicaciones
veracode_applications({ name: "mi-app" })

# Findings de una aplicacion
veracode_findings({ applicationGuid: "guid-aqui", scanType: "STATIC", severityGte: 3 })

# Estado de scans
veracode_scan_status({ applicationGuid: "guid-aqui" })

# Apps que no cumplen politica
veracode_policy_compliance({ policyCompliance: "DID_NOT_PASS" })

Tools (4)

veracode_applicationsList and search for applications within the Veracode platform.
veracode_findingsRetrieve vulnerabilities and flaws for a specific application.
veracode_scan_statusCheck the status of scans and retrieve summary reports.
veracode_policy_complianceCheck the policy compliance status of applications.

Environment Variables

VERACODE_API_IDrequiredThe API ID for Veracode authentication.
VERACODE_API_SECRETrequiredThe API Secret for Veracode authentication.

Configuration

claude_desktop_config.json
{"mcpServers": {"veracode-mcp": {"command": "npx", "args": ["-y", "github:landscapedotcl/mcp-veracode"], "env": {"VERACODE_API_ID": "tu_api_id", "VERACODE_API_SECRET": "tu_api_secret"}}}}

Try it

List all applications in my Veracode account.
Find all high-severity static vulnerabilities for the application with GUID 'guid-aqui'.
What is the current scan status for my application?
Show me all applications that are currently failing their security policy compliance.

Frequently Asked Questions

What are the key features of MCP Veracode?

List and search for applications managed in Veracode. Retrieve detailed vulnerability and flaw reports for applications. Monitor the status of security scans and summary reports. Check and filter applications based on policy compliance status.

What can I use MCP Veracode for?

Security engineers auditing application vulnerability status directly from their IDE. Developers checking if their recent code changes passed security policy compliance. Automated monitoring of scan statuses across multiple application portfolios.

How do I install MCP Veracode?

Install MCP Veracode by running: npx -y github:landscapedotcl/mcp-veracode

What MCP clients work with MCP Veracode?

MCP Veracode works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep MCP Veracode docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.
Open Conare
View all monitoring servers →

Related MCP Servers

Skylos
Find dead code, secrets, and exploitable flows in Python, TypeScript, and Go.
monitoring344 stars
Linux MCP Server
Read-only Linux system administration and diagnostics on RHEL-based systems.
monitoring189 stars
Charles MCP Server
Integrates Charles Proxy with MCP clients for real-time network traffic analysis
monitoring118 stars
HomeButler
All-in-one homelab management MCP server.
monitoring64 stars
Wireshark MCP
Give your AI assistant a packet analyzer.
monitoring55 stars
RenderDoc MCP
Analyze GPU frame captures for graphics debugging and performance analysis.
monitoring42 stars