Scan dependencies, detect vulnerabilities, find leaked secrets, and review code for security issues directly inside IntelliJ IDEA, powered by your AI agent.
What you can do
With the Endor Labs MCP server, you can:
- Check dependency safety before adding a new package
- Scan for vulnerabilities and malware in your open source dependencies
- Find leaked secrets accidentally committed in your Git history
- Run AI security reviews on your code changes (Enterprise Edition)
Install the MCP server
The Developer Edition is free and uses default security policies from Endor Labs. When you use the MCP server for the first time, a browser window opens for authentication through GitHub, GitLab, or Google.
Open GitHub Copilot Chat, switch to Agent mode, select Configure Tools, then select + Add More Tools… to open mcp.json. Copy and paste the generated configuration.
Developer Edition Configuration
Copy the JSON configuration for your MCP configuration file.
For manual configuration, copy and paste the following JSON directly into your MCP configuration file.
The Enterprise Edition enforces your organization’s specific security policies. You need your Endor Labs namespace and an authentication method. Ensure that your developers have Read-Only permissions to Endor Labs. See Authorization policies for more details.
Generate the Enterprise Edition configuration for your organization.
Enterprise Edition Configuration
Select your authentication method and generate JSON for your MCP configuration.
For manual configuration, copy and paste the following JSON directly into your MCP configuration file.
View JSON configuration
The following parameters are used to configure the MCP server. All parameters are optional.
ENDOR_MCP_SERVER_AUTH_MODE: The authentication mode to use for the MCP server. You can use the following authentication modes:github,gitlab,google,sso. If you choosesso, you must addENDOR_MCP_SERVER_AUTH_TENANTas an additional parameter. If not specified, the MCP server defaults to browser authentication for the Developer Edition.ENDOR_NAMESPACE: The namespace to use for the MCP server. Required for Enterprise Edition to access your organization’s specific policies. Not needed for Developer Edition.ENDOR_MCP_SERVER_AUTH_TENANT: The tenant name for SSO authentication. Required whenENDOR_MCP_SERVER_AUTH_MODEis set tossofor Enterprise Edition access.
Verify the installation
Save and close mcp.json. Switch from Agent to Ask mode in the chat and then back to Agent mode to reload the MCP server.
After installing, in GitHub Copilot Chat, switch to Agent mode and select Configure Tools to confirm endor-cli-tools appears in the list and is enabled.
Try a test prompt
After installing the MCP server, try the following prompt in your AI chat or CLI to verify that the tools are working.
Check if the npm package lodash version 4.17.20 has any vulnerabilities
The MCP server uses the check_dependency_for_vulnerabilities tool to check for known vulnerabilities and return the results. If you see a response with vulnerability details, the MCP server is working correctly.
How to use the Endor Labs MCP server
The Endor Labs MCP server provides the following tools:
check_dependency_for_vulnerabilities: Check if a dependency in your project is vulnerable.check_dependency_for_risks: Check a dependency for security risks including vulnerabilities and malware.get_endor_vulnerability: Get the details of a specific vulnerability from the Endor Labs vulnerability database.get_resource: Retrieve additional context from commonly used Endor Labs resources about your software, such as findings, vulnerabilities, and projects.scan: Run an Endor Labs security scan to detect risks in your open source dependencies, find common security issues, and spot any credentials accidentally exposed in your Git repository.security_review: Perform security review analysis on code diffs. Analyzes local uncommitted changes (both staged and unstaged) compared to HEAD, or diffs between the main branch and the last commit. Requires the Enterprise Edition. You must specify your namespace in the MCP server configuration. You must also enable AI security code review for your namespace in the Endor Labs platform. See AI security code review for setup instructions.
After you set up the MCP server, you can choose to disable the tools that you do not want to use.
Configure Copilot rules
Set up Copilot rules in .github/instructions/*.md to use the Endor Labs MCP server throughout the development process. See Add repository custom instructions for GitHub Copilot for more details.
Example Copilot rules
Copilot instructions define the guidelines that Copilot should follow throughout the development process. The following examples demonstrate how to use the Endor Labs MCP server within Copilot rules.
---
description: "Dependency vulnerability scanning using Endor Labs via MCP server integration"
applyTo: '**/package.json, **/package-lock.json, **/yarn.lock, **/pnpm-lock.yaml, **/requirements.txt, **/Pipfile, **/Pipfile.lock, **/pyproject.toml, **/poetry.lock, **/go.mod, **/go.sum, **/Cargo.toml, **/Cargo.lock, **/pom.xml, **/build.gradle, **/build.gradle.kts, **/gradle.lockfile, **/composer.json, **/composer.lock'
---
# Software Composition Analysis (SCA) Rule (Endor Labs via MCP)
This project uses Endor Labs for automated dependency (SCA) scanning, integrated through the MCP server as configured in `mcp.json`.
## Workflow
Every time a manifest or lockfile listed above is created or modified in any way immediately do the following prior to performing your next task.
**Important**: Do not proceed after creating or modifying a manifest file without running this first. Do not write any other code or continue with your existing prompt. This is top priority whenever a manifest file is created or updated.
- Run `endor-cli-tools` using the `check_dependency_for_vulnerabilities` tool via the MCP server.
- Provide the **ecosystem**, **dependency name**, and **version** always when making this tool call. Do not forget to provide a version.
- If a vulnerability or error is identified:
- Upgrade to the suggested safe version, or
- Replace the dependency with a non-vulnerable alternative.
- The AI agent must attempt to automatically correct all detected errors and vulnerabilities before session completion.
- Re-run the check using `endor-cli-tools` to confirm the issue is resolved.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
- The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
- Re-attempt the tool call with the corrected parameters.
- Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.
## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.
This rule ensures that all dependency changes are evaluated for risk at the time of introduction, and that the project remains clean and secure after each coding session. The scan may be performed at the end of an agent session, provided all modifications are checked and remediated before session completion.
---
description: "Scan for leaked secrets on file modification using Endor Labs via MCP server integration"
applyTo: '**/*'
---
# Leaked Secrets Detection Rule (Endor Labs via MCP)
This project uses [Endor Labs](https://docs.endorlabs.com/) for automated security scanning, integrated through the MCP server as configured in `mcp.json`.
## Workflow
Whenever a file is modified in the repository, and before the end of an agent session:
- Run `endor-cli-tools` using the `scan` tool via the MCP server to check for leaked secrets.
- Ensure the scan includes all file types and respects `.gitignore` unless otherwise configured.
- If any secrets or errors are detected:
- Remove the exposed secret or correct the error immediately.
- The AI agent must attempt to automatically correct all detected secrets and errors before session completion.
- Re-run the scan to verify the secret or error has been properly removed or resolved.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
- The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
- Re-attempt the tool call with the corrected parameters.
- Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.
- Save scan results and remediation steps in a security log or as comments for audit purposes.
## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.
- **Important**: This scan must use the path of the directory from which the changed files are in. Do not attempt to set the path directly to a file as it must be a directory. Use absolute paths like /Users/username/mcp-server-demo/backend rather than relative paths like 'backend'
This rule ensures no accidental credentials, tokens, API keys, or secrets are committed or remain in the project history. The scan may be performed at the end of an agent session, provided all modifications are checked and remediated before session completion.
---
description: "Static Application Security Testing (SAST) using Endor Labs via MCP server integration"
applyTo: '**/*.c, **/*.cpp, **/*.cc, **/*.cs, **/*.go, **/*.java, **/*.js, **/*.jsx, **/*.ts, **/*.tsx, **/*.py, **/*.php, **/*.rb, **/*.rs, **/*.kt, **/*.kts, **/*.scala, **/*.swift, **/*.dart, **/*.html, **/*.yaml, **/*.yml, **/*.json, **/*.xml, **/*.sh, **/*.bash, **/*.clj, **/*.cljs, **/*.ex, **/*.exs, **/*.lua'
---
# Static Application Security Testing (SAST) Rule (Endor Labs via MCP)
This project uses [Endor Labs](https://docs.endorlabs.com/) for automated SAST, integrated through the MCP server as configured in `mcp.json`.
## Workflow
Whenever a file is modified in the repository, and before the end of an agent session perform the following workflow:
- Run `endor-cli-tools` using the `scan` tool via the MCP server to perform SAST scans as described above.
- If any vulnerabilities or errors are found:
- Present the issues to the user.
- The AI agent must attempt to automatically correct all errors and vulnerabilities, including code errors, security issues, and best practice violations, before session completion.
- Recommend and apply appropriate fixes (e.g., input sanitization, validation, escaping, secure APIs).
- Continue scanning and correcting until all critical issues have been resolved or no further automated remediation is possible.
- If an error occurs in any MCP server tool call (such as missing required parameters like version, invalid arguments, or tool invocation failures):
- The AI agent must review the error, determine the cause, and automatically correct the tool call or input parameters.
- Re-attempt the tool call with the corrected parameters.
- Continue this process until the tool call succeeds or it is determined that remediation is not possible, in which case the issue and reason must be reported.
- Save scan results and remediation steps in a security log or as comments for audit purposes.
## Notes
- All scans must be performed using the MCP server integration (`endor-cli-tools`) as configured in `mcp.json`. Do not invoke `endorctl` directly.
- For troubleshooting, ensure the MCP server is running and `endorctl` is installed and accessible in your environment.
- Do not invoke Opengrep directly.
- **Important**: This scan must use the path of the directory from which the changed files are in. Do not attempt to set the path directly to a file as it must be a directory. Use absolute paths like /Users/username/mcp-server-demo/backend rather than relative paths like 'backend'
This rule ensures all code changes are automatically reviewed and remediated for common security vulnerabilities and errors using `endor-cli-tools` and the MCP server, with Opengrep as the underlying engine.
Troubleshooting
Use the following troubleshooting steps to resolve common issues with the Endor Labs MCP server.
MCP server shows disconnected
npx --version in your terminal. If the command fails, install Node.js version 18 or later. After installing, restart your IDE or CLI to reload the MCP server configuration.
Browser auth window does not open
ENDOR_MCP_SERVER_AUTH_MODE and ENDOR_MCP_SERVER_AUTH_TENANT are set correctly in your MCP configuration.
npx times out behind a corporate proxy
Install endorctl using your preferred method and configure the MCP server to call it directly instead of using npx. In the Enterprise Edition install wizard, select No under Using npx? to generate the correct configuration. Alternatively, replace the command and args entries in your MCP configuration manually:
"command": "endorctl",
"args": ["ai-tools", "mcp-server"]
For installation options, see Install endorctl. For more details on how npx and a system-installed endorctl differ, see the FAQ entry below.
Understanding npx vs. a system-installed endorctl
The default MCP server configuration uses npx -y endorctl to run endorctl. This command downloads endorctl from the npm registry into a temporary cache (~/.npm/_npx/) and runs it from there. It does not install endorctl globally and does not interact with any existing endorctl binary on your system.
If you have endorctl installed separately (for example, through Homebrew or a direct download), the npx command runs its own copy and ignores the system-installed version. These two copies are completely independent.
To use your existing endorctl installation instead of npx, select No under Using npx? in the Enterprise Edition install wizard. This generates a configuration that calls endorctl directly:
"command": "endorctl",
"args": ["ai-tools", "mcp-server"]
With this approach, updates are managed by your existing package manager (for example, brew upgrade endorctl).
Tools return errors (Enterprise)
Read-Only permissions in Endor Labs. See Authorization policies for details. Also ensure endorctl is on your PATH if you installed it globally instead of using npx.
MCP server fails to start on Windows
On Windows, ensure the following prerequisites are met:
- Node.js is installed
- npm global bin directory is in your PATH
Install Node.js
If Node.js is not installed, download and install the LTS version from nodejs.org. During installation, ensure the option to add Node.js to PATH is selected.
Configure the PATH environment variable
After installing Node.js, verify that the npm global bin directory is in your PATH:
-
Run the following command in the command line.
npm config get prefixThis returns the npm global directory path, typically
C:\Users\<YourUsername>\AppData\Roaming\npm. -
Add the npm global directory path to the Path variable under User variables in your system’s environment variables settings.
-
Restart for the PATH changes to take effect.
Verify the setup
Run the following command in your terminal.
npx --version
If this returns a version number, your Windows setup is complete and the MCP server can use npx to run endorctl.