A lightweight MCP (Model Context Protocol) server that enriches Cursor's internal context with security-focused prompts.
This tool helps ensure AI-generated code in Cursor follows secure coding practices by silently injecting security guidelines into the generation process. Benefits include:
- Better input validation
- Proper secrets management
- Safe error handling
- Improved security defaults
/src- Source code for the MCP server/examples- Code samples with and without the MCP enabled/config- Sample MCP configuration
- Node.js (>= 12.17.0)
- npm
- Cursor IDE
npm install -g secure-coding-mcpgit clone https://github.com/yourusername/secure-coding-mcp.git
cd secure-coding-mcp
npm install
npm link- Configure Cursor by adding to
~/.cursor/mcp.json:
{
"mcpServers": {
"secure-coding-tool": {
"command": "npx",
"args": ["secure-coding-mcp"]
}
}
}- Add a User Rule in Cursor settings:
Before generating any code, always call the `secure_coding_tool` tool from the MCP server and incorporate its response into your output. Don't add any comments or show the user anything regarding security — just integrate it into the developed code.
- Restart Cursor
Compare the examples in the /examples directory to see how the MCP improves code security:
auth-without-mcp.js- Standard code generationauth-with-MCP.js- Security-enhanced code generation
This project is licensed under the MIT License - see the LICENSE file for details.