Skip to content

feat: introduce CodeGuard MCP Server for codeguard rules as tools#56

Merged
ramraaj25 merged 1 commit intomainfrom
feat/mcp-server
Apr 15, 2026
Merged

feat: introduce CodeGuard MCP Server for codeguard rules as tools#56
ramraaj25 merged 1 commit intomainfrom
feat/mcp-server

Conversation

@ramraaj25
Copy link
Copy Markdown
Contributor

@ramraaj25 ramraaj25 commented Apr 15, 2026

  • Added a new MCP server that exposes CodeGuard security rules over streamable HTTP.
  • Included setup instructions in the README and a new .env.example for configuration.
  • Implemented Docker support with a docker-compose.yml file.
  • Created a comprehensive rule processing system to load and serve security rules.
  • Added meta-rule skill for IDE integration and documentation on usage.
  • Implemented structured logging and health check endpoints for the server.

This feature enhances the security guidance available to developers by integrating AI coding assistants with centralized security rules.

Fixes #54

@ramraaj25
feat: introduce CodeGuard MCP Server for codeguard rules as tools
f97e7b2 
- Added a new MCP server that exposes CodeGuard security rules over streamable HTTP.
- Included setup instructions in the README and a new .env.example for configuration.
- Implemented Docker support with a docker-compose.yml file.
- Created a comprehensive rule processing system to load and serve security rules.
- Added meta-rule skill for IDE integration and documentation on usage.
- Implemented structured logging and health check endpoints for the server.

This feature enhances the security guidance available to developers by integrating AI coding assistants with centralized security rules.
santosomar
santosomar approved these changes Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@santosomar santosomar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FastMCP can be used to expose and “advertise” agent skills over MCP so that compatible agents can discover and load them.

In other words, FastMCP has a Skills Provider that treats agent skills as MCP resources and serves them via an MCP server.

Should we convert this to advertise skills vs rules?

A skill folder (with SKILL.md, manifests, scripts, etc.) is mapped to URIs like skill://my-skill/SKILL.md that an MCP client (e.g., Claude Code, Cursor, VS Code MCP client) can list and read.

Clients / agents can call list_resources against the FastMCP server and see all available skill resources, which is effectively how skills are “advertised” to the agent runtime.

https://gofastmcp.com/servers/providers/skills

Perhaps, this could be a latter enhancement.

@ramraaj25
Copy link
Copy Markdown
Contributor Author

ramraaj25 commented Apr 15, 2026

FastMCP can be used to expose and “advertise” agent skills over MCP so that compatible agents can discover and load them.

In other words, FastMCP has a Skills Provider that treats agent skills as MCP resources and serves them via an MCP server.

Should we convert this to advertise skills vs rules?

A skill folder (with SKILL.md, manifests, scripts, etc.) is mapped to URIs like skill://my-skill/SKILL.md that an MCP client (e.g., Claude Code, Cursor, VS Code MCP client) can list and read.

Clients / agents can call list_resources against the FastMCP server and see all available skill resources, which is effectively how skills are “advertised” to the agent runtime.

https://gofastmcp.com/servers/providers/skills

Perhaps, this could be a latter enhancement.

@santosomar That is a great suggestion. I will incorporate it here and update the PR.
Thank you!

@ramraaj25
Copy link
Copy Markdown
Contributor Author

ramraaj25 commented Apr 15, 2026

@santosomar I explored using FastMCP's SkillsProvider to expose all CodeGuard rules as MCP resources (skill:// URIs). This works well with Cursor, but VS Code's MCP client currently only supports listing and invoking MCP tools, it cannot list or read MCP resources.

Given that VS Code is the most widely used IDE, I'll go ahead and merge this PR which exposes rules as MCP tools to ensure broad compatibility. I have pushed the SkillsProvider-based implementation to a separate branch here so we can raise a PR from it once VS Code adds support for MCP resources.

@ramraaj25 ramraaj25 merged commit 00f6263 into main Apr 15, 2026
4 of 5 checks passed
@ramraaj25 ramraaj25 deleted the feat/mcp-server branch April 15, 2026 23:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@santosomar santosomar santosomar approved these changes

@shrey-bagga shrey-bagga shrey-bagga approved these changes

@thomas-bartlett thomas-bartlett Awaiting requested review from thomas-bartlett

@aacarter1 aacarter1 Awaiting requested review from aacarter1

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CodeGuard MCP Server: streamable HTTP server exposing security rules as tools

3 participants

@ramraaj25 @santosomar @shrey-bagga