Vibe Coding
Tip: Plug SAST and SCA MCP Servers Into Cursor Security Review for Custom Scanning Pipelines
Cursor's new Security Review accepts custom MCP servers as additional scanning tools. Connect your existing SAST (Semgrep), SCA (Snyk), and secrets scanners (Gitleaks) via MCP, and Cursor's security agents will use them during every PR review alongside its built-in checks. This turns the IDE's security agent into an orchestrator for your existing security toolchain rather than a standalone replacement — the 'bring your own scanner' approach.
Source
↳ Follow the thread