StackMCP

DevSecOps Stack for Cursor

Advanced · 6 servers · 34.1K tokens

Configuration

{
  "mcpServers": {
    "docker-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "docker-mcp"
      ]
    },
    "github-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-github"
      ],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "YOUR_GITHUB_PERSONAL_ACCESS_TOKEN"
      }
    },
    "semgrep-mcp": {
      "command": "uvx",
      "args": [
        "semgrep-mcp"
      ]
    },
    "sonarqube-mcp": {
      "command": "docker",
      "args": [
        "run",
        "--init",
        "--pull=always",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_TOKEN",
        "-e",
        "SONARQUBE_URL",
        "-e",
        "SONARQUBE_ORG",
        "mcp/sonarqube"
      ],
      "env": {
        "SONARQUBE_TOKEN": "YOUR_SONARQUBE_TOKEN",
        "SONARQUBE_URL": "YOUR_SONARQUBE_URL",
        "SONARQUBE_ORG": "YOUR_SONARQUBE_ORG"
      }
    },
    "trivy-mcp": {
      "command": "trivy",
      "args": [
        "mcp"
      ]
    },
    "sentry-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "sentry-mcp"
      ],
      "env": {
        "SENTRY_AUTH_TOKEN": "YOUR_SENTRY_AUTH_TOKEN"
      }
    }
  }
}

Where to save

Paste the config above into:

.cursor/mcp.json

Environment Variables

Replace the YOUR_ placeholders with your actual values.

GITHUB_PERSONAL_ACCESS_TOKEN (required)

GitHub personal access token

Used by: GitHub MCP

SONARQUBE_TOKEN (required)

SonarQube authentication token

Used by: SonarQube MCP

SONARQUBE_URL

SonarQube Server URL (omit for SonarQube Cloud)

Used by: SonarQube MCP

SONARQUBE_ORG

SonarQube Cloud organization key

Used by: SonarQube MCP

SENTRY_AUTH_TOKEN (required)

Sentry auth token

Used by: Sentry MCP
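
A pre-flight check for the saved file, as an added example (not StackMCP's or Cursor's own tooling). It flags required variables that are missing, placeholders left in place, tokens stored in plaintext in the file, and variables a docker-launched server never receives because they are not named with -e. The function names and the sample config are constructed for illustration; the "TOKEN in the variable name" test is a simplifying assumption.

```python
import json

# Variables the page marks "required", keyed by server name from the config above.
REQUIRED = {
    "github-mcp": {"GITHUB_PERSONAL_ACCESS_TOKEN"},
    "sonarqube-mcp": {"SONARQUBE_TOKEN"},
    "sentry-mcp": {"SENTRY_AUTH_TOKEN"},
}

def forwarded_by_docker(args):
    """Names passed to `docker run` with -e/--env (as NAME or NAME=value)."""
    names = set()
    for flag, value in zip(args, args[1:]):
        if flag in ("-e", "--env"):
            names.add(value.split("=", 1)[0])
    return names

def check_mcp_config(text):
    """Return sorted (server, variable, problem) findings for an mcp.json document."""
    findings = []
    for name, spec in json.loads(text).get("mcpServers", {}).items():
        env = spec.get("env", {})
        for var in sorted(REQUIRED.get(name, set()) - set(env)):
            findings.append((name, var, "required variable missing"))
        forwarded = forwarded_by_docker(spec.get("args", []))
        for var, value in env.items():
            if not value or value.startswith("YOUR_"):
                findings.append((name, var, "placeholder or empty value"))
            elif "TOKEN" in var:  # assumption: token variables are the secrets
                findings.append((name, var, "secret stored in plaintext"))
            if spec.get("command") == "docker" and var not in forwarded:
                findings.append((name, var, "not forwarded to container (-e)"))
    return sorted(findings)

# Constructed sample: fake tokens, one optional placeholder left in, Sentry env omitted.
SAMPLE = json.dumps({"mcpServers": {
    "github-mcp": {"command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"],
                   "env": {"GITHUB_PERSONAL_ACCESS_TOKEN": "constructed-not-a-real-token"}},
    "sonarqube-mcp": {"command": "docker",
                      "args": ["run", "-i", "--rm", "-e", "SONARQUBE_TOKEN", "mcp/sonarqube"],
                      "env": {"SONARQUBE_TOKEN": "constructed-token",
                              "SONARQUBE_URL": "YOUR_SONARQUBE_URL"}},
    "sentry-mcp": {"command": "npx", "args": ["-y", "sentry-mcp"]},
}})

if __name__ == "__main__":
    for server, var, problem in check_mcp_config(SAMPLE):
        print(f"{server}: {var}: {problem}")
```

A "secret stored in plaintext" finding is expected once the placeholders are filled in; treat it as a reminder that .cursor/mcp.json now holds credentials and should stay out of version control.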

What’s in this stack

Docker MCP (14 tools)

Manage Docker containers, images, volumes, and networks. Run, stop, inspect, and monitor containers from your AI editor.

Build, scan, and manage container images to ensure your deployments start from a secure, reproducible foundation.

GitHub MCP (20 tools)

Access the GitHub API to manage repositories, issues, pull requests, branches, and workflows directly from your AI editor.

Automate security-focused CI/CD pipelines, manage branch protection rules, and enforce code review policies across repositories.

Semgrep MCP

Static analysis security scanning with custom rules, AST analysis, and multi-language vulnerability detection. Official Semgrep implementation.

Run static analysis to catch security vulnerabilities, anti-patterns, and compliance issues directly in your source code.

SonarQube MCP

Code quality analysis, security hotspot detection, and vulnerability tracking from SonarQube Cloud or Server. Official SonarSource implementation.

Continuously inspect code quality and security hotspots, tracking technical debt and vulnerability trends over time.

Trivy MCP (5 tools)

Container image scanning, filesystem vulnerability detection, and infrastructure misconfiguration analysis. Official Aqua Security implementation.

Scan containers, filesystems, and dependencies for known CVEs so vulnerabilities are caught before they reach production.

Sentry MCP (8 tools)

Query Sentry for error tracking, performance monitoring, and issue management directly from your AI editor.

Monitor runtime errors and security-related exceptions in production to detect and respond to incidents quickly.
