Set up Safety MCP in 30 seconds
Free, no account needed. Just copy, paste, and start generating secure code immediately.
Cursor Setup
- Click the Settings icon in the top right corner.
- Select MCP from the left navigation.
- Click the "Add new global MCP server" button.
- Add the following to the mcp.json file:
{
"mcpServers": {
"safety-mcp": {
"url": "https://mcp.safetycli.com/sse",
"type": "sse",
"headers": {
"Authorization": "Bearer a24ed89c-cc30-4bd8-a03f-f2db2ccbf849"
}
}
}
}
Copy- Go back to Settings and click Rules, then input the following into User Rules:
- Every time you import a Python package or add a package to a requirements.txt or pyproject.toml, use the safety-mcp to check if the version you have chosen is secure and is the latest version of the package. Make sure you always use the latest_secure_version (returned by safety-mcp) for any package.
- If a package already exists in a codebase, and a user asks you to check it for vulnerabilities, use the safety-mcp and evaluate whether there are any secure versions in the same major version and acknowledge these options. Additionally, inform the user of the latest secure version of the package.
CopyWindsurf Setup
Note: Safety MCP currently does not work with Claude 3.7 in Windsurf.
- Click the Settings icon in the top right corner.
- Select MCP from the left navigation.
- Click the "Add new global MCP server" button.
- Add the following to the mcp.json file:
{
"mcpServers": {
"safety-mcp": {
"serverUrl": "https://mcp.safetycli.com/sse",
"headers": {
"Authorization": "Bearer a24ed89c-cc30-4bd8-a03f-f2db2ccbf849"
}
}
}
}
Copy- Every time you import a Python package or add a package to a requirements.txt or pyproject.toml, use the safety-mcp to check if the version you have chosen is secure and is the latest version of the package. Make sure you always use the latest_secure_version (returned by safety-mcp) for any package.
- If a package already exists in a codebase, and a user asks you to check it for vulnerabilities, use the safety-mcp and evaluate whether there are any secure versions in the same major version and acknowledge these options. Additionally, inform the user of the latest secure version of the package.
CopyCopilot Setup
- Open VS Code settings (settings icon in bottom left corner) and click Settings.
- Search for "MCP".
- Click Edit in settings.json
- Paste the following and save the file:
{
"chat.mcp.discovery.enabled": true,
"mcp": {
"inputs": [],
"servers": {
"safety-mcp": {
"url": "https://mcp.safetycli.com/sse",
"type": "sse",
"headers": {
"Authorization": "Bearer a24ed89c-cc30-4bd8-a03f-f2db2ccbf849"
}
}
}
}
}
Copy- To use Safety MCP with Copilot, switch to agent mode.
- To configure Copilot instructions follow the steps on this page and add the following instructions:
- Every time you import a Python package or add a package to a requirements.txt or pyproject.toml, use the safety-mcp to check if the version you have chosen is secure and is the latest version of the package. Make sure you always use the latest_secure_version (returned by safety-mcp) for any package.
- If a package already exists in a codebase, and a user asks you to check it for vulnerabilities, use the safety-mcp and evaluate whether there are any secure versions in the same major version and acknowledge these options. Additionally, inform the user of the latest secure version of the package.
CopyClaude Setup
- Click the Claude menu from the top menu bar in Mac.
- Click Settings.
- Select the Developer tab.
- Click Edit Config.
- Open the
claude_desktop_config.json file in an editor of your choice. - Add the following to your config:
{
"mcpServers": {
"safety-mcp": {
"command": "uvx",
"args": [
"mcp-proxy",
"https://mcp.safetycli.com/sse"
],
"env": {
"API_ACCESS_TOKEN": "Bearer a24ed89c-cc30-4bd8-a03f-f2db2ccbf849"
}
}
}
}
CopyClaude Code Setup
In your terminal run the following:
claude mcp add -t sse safety-mcp-sse https://mcp.safetycli.com/sse
CopyDon't see your tool? Safety MCP works with any application that supports the Model Context Protocol.
