Veracode

Quick Start

1. Install

pip install -r requirements.txt

2. Add credentials to .env

VERACODE_API_ID=your_api_id
VERACODE_API_KEY=your_api_key

Get these from Veracode Platform → My Profile → API Credentials

3. Add to .cursor/mcp.json

{
  "mcpServers": {
    "veracode": {
      "command": "python",
      "args": ["server.py"],
      "cwd": "C:/path/to/veracode-mcp"
    }
  }
}

Set cwd to the full path of the veracode-mcp folder on your machine.
Examples:

• Windows: "cwd": "C:/Users/you/veracode-mcp"
• macOS/Linux: "cwd": "/home/you/veracode-mcp"

Not sure of the path? Run this in your terminal to print it:

# Windows (PowerShell)
(Get-Item .\veracode-mcp).FullName

# macOS / Linux
realpath ./veracode-mcp

Restart Cursor — that's it. Ask Cursor to run a Veracode scan and it will use the tools automatically.

---

What you can ask Cursor

• "List my Veracode applications"
• "Zip the bin folder and run a SAST scan on app 12345"
• "Wait for the scan to finish and show me the findings"
• "Show me SCA vulnerabilities from the last scan"
• "List my SCA workspaces and get CVEs for my project"