sonarqube
Automatically enforce SonarQube code quality and security in the agent coding loop — 7,000+ rules, secrets scanning, agentic analysis, and quality gates across 40+ languages. PostToolUse hooks run analysis after every file edit. Pre-tool secrets scanning prevents 450+ patterns from reaching the LLM. Slash commands give on-demand access to quality gate status, coverage, duplication, and dependency risks. Includes SonarQube CLI, MCP Server, skills, hooks, and slash commands.
Install & Usage
~/.claude.jsonAdd the configuration to "mcpServers": { "sonarqube": { "command": "...", "args": [] } }
/mcpSecurity Audits
Frequently Asked Questions
What is sonarqube?
Automatically enforce SonarQube code quality and security in the agent coding loop — 7,000+ rules, secrets scanning, agentic analysis, and quality gates across 40+ languages. PostToolUse hooks run analysis after every file edit. Pre-tool secrets scanning prevents 450+ patterns from reaching the LLM. Slash commands give on-demand access to quality gate status, coverage, duplication, and dependency risks. Includes SonarQube CLI, MCP Server, skills, hooks, and slash commands.
How to install sonarqube?
To install sonarqube: open your mcp config (~/.claude.json), then add the config to "mcpServers": { "sonarqube": { "command": "...", "args": [] } }. Finally, /mcp in Claude Code.
What is sonarqube best for?
sonarqube is a mcp categorized under General. It is designed for: security, mcp, agent. Created by SonarSource.