Pensar maintains an MCP server that can be intregrated with your favorite AI coding agent (Cursor, Windsurf, Cline, Claude code) to detect if the coding agent is inadvertently generating insecure code. This protects you, your team, and your employees from commiting insecure code to your repository without having to run a full code security review.
Pensar’s MCP server does not guarantee that coding agents won’t generate insecure code but will dramatically improve the security quality of the code generated.
We still recommend using Pensar’s full code security review features to ensure no vulnerabilities are being shipped to production.

Installation

1

Generate an API Key

Visit the Pensar Console to setup a workspace and generate an API key.
2

IDE Configuration

We currently support and have tested Cursor, Windsurf, Cline, VS Code Copilot, and Claude.Add the following to your IDE’s MCP config file:
{
  "mcpServers": {
    "@pensar/mcp": {
	  "command": "npx",
	  "args": ["-y", "@pensar/mcp@latest", "API_KEY=<your-api-key>"]
	}
  }
}
Replace <your-api-key> with your Pensar Console API key.Config file locations:
  • Cursor: ~/.cursor/mcp.json
  • Windsurf: ~/.codeium/windsurf/mcp_config.json
  • Cline: ~/.cline/mcp_config.json
  • Claude: ~/.claude/mcp_config.json
VS Code InstallationYou can manually add the MCP to the User Settings JSON file in VS Code by pressing Ctrl + Shift + P and running the Preferences: Open User Settings (JSON) command.
{
  "mcp": {
    "inputs": [
      {
        "type": "promptString",
        "id": "apiKey",
        "description": "Pensar API key",
        "password": true
      }
    ],
    "servers": {
      "@pensar/mcp": {
        "command": "npx",
        "args": ["-y", "@pensar/mcp@latest"],
        "env": {
          "API_KEY": "${input:apiKey}"
        }
      }
    }
  }
}
Or, you can add the configuration to the .vscode/mcp.json file in your VS Code workspace:
{
   "inputs": [
      {
        "type": "promptString",
        "id": "apiKey",
        "description": "Pensar API key",
        "password": true
      }
    ],
    "servers": {
      "@pensar/mcp": {
        "command": "npx",
        "args": ["-y", "@pensar/mcp@latest"],
        "env": {
          "API_KEY": "${input:apiKey}"
       }
     }
   }
 }