- Home
- MCP servers
- GitGuardian
GitGuardian
- typescript
27
GitHub Stars
typescript
Language
5 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
GitGuardian MCP Server lets your AI agent scan codebases for secrets using GitGuardian’s detectors, manage security incidents, and automate honeytoken workflows. It provides secure, contextual tools to remediate issues without leaving your development environment.
How to use
You connect your MCP client to the GitGuardian MCP Server and start issuing tasks such as scanning codebases for leaked secrets, listing incidents, or managing honeytokens. Use the available tools to get authenticated user details, revoke tokens, and perform remediation steps directly from your editor or automation workflow. When using HTTP transport, include per-request authentication headers; with stdio transport, rely on your configured OAuth flow or PAT as described in the authentication section.
How to install
Prerequisites you need to fulfill before installing the GitGuardian MCP Server:
- uv is required for package installation and dependency management. Install uv from its official getting-started guide.
- A compatible MCP client is needed to connect to the server (HTTP or stdio).
Install and run the MCP server using the provided stdio or HTTP transport commands shown in the configuration examples below. Follow the steps that match your editor or integration approach.
Additional sections: configuration, security, notes
Configuration shows how to enable HTTP transport, OAuth, and self-hosted GitGuardian instances. The following two MCP server configurations are provided for common scenarios: a remote HTTP URL configuration and a local stdio configuration using uvx.
Security and authentication details emphasize that OAuth is the default for stdio transport, with options to disable OAuth for PAT-based or per-request authentication in HTTP/SSE mode. When using HTTP transport, per-request Authorization headers are required and OAuth must be disabled.
Notes cover deployment considerations, including how tokens are stored, default hosts and ports, and the distinction between stdio and HTTP transports. If you plan to expose the MCP server over HTTP, ensure ENABLE_LOCAL_OAUTH is set to false when using MCP_PORT, and use the appropriate authentication method for your deployment.
Tools and capabilities
The server provides these core capabilities to help you secure codebases and incidents directly from your editor or automation tool.
Available tools
scan_secrets
Scan code for leaked secrets, credentials, and API keys using GitGuardian detectors.
list_incidents
View security incidents related to the project you are working on.
manage_honeytokens
Create and manage honeytokens to detect unauthorized access.
get_user_info
Get authenticated user information and token details.
revoke_token
Revoke the current API token.