# Jetbrains AI MCP

The Aikido MCP Plugin connects Aikido’s security engine to AI coding tools. It automatically scans AI generated code for vulnerabilities and hardcoded secrets as soon as it is created.

AI assistants can review their own output, but that review is not perfect. Aikido adds a reliable and consistent security layer that checks every generated snippet with proven scanning rules.

**Why use Aikido MCP**

* Deterministic, independent security checks on every AI generated snippet before it is committed
* Immediate detection and remediation of vulnerabilities and hardcoded secrets in AI assisted workflows
* Real time feedback, making AI driven development safer by default

## Installation

{% stepper %}
{% step %}

#### Create a personal access token

In Aikido, go to [Settings → Integrations → IDE → MCP](https://app.aikido.dev/settings/integrations/ide/mcp)

Create a Personal Access Token.
{% endstep %}

{% step %}

#### Add Aikido MCP server to your Jetbrains IDE config

In your IDE go to Settngs | Tools | AI Assistant | Model Context Protocol (MCP).

{% hint style="info" %}
[Check out Jetbrains documentation for more information](https://www.jetbrains.com/help/ai-assistant/mcp.html)
{% endhint %}

On the Model Context Protocol (MCP) settings page, click ![](https://resources.jetbrains.com/help/img/idea/2025.3/app-client.expui.general.add.svg) Add to add a new MCP server configuration.

In the New MCP Server dialog, select how you want to connect to the MCP server and provide a JSON configuration:

```shellscript
{
  "mcpServers": {
    "aikido": {
      "command": "npx -y @aikidosec/mcp",
      "args": [],
      "environment": {
        "AIKIDO_API_KEY": "YOUR_TOKEN"
      }
    }
  }
}
```

Replace `YOUR_TOKEN` with the token from the previous step.
{% endstep %}

{% step %}
Adapt your agent instructions to use the Aikido MCP by adding the following skill or instructions.

```
---
name: aikido-security
description: Enforce mandatory security scanning for all code changes
license: MIT
compatibility: opencode
metadata:
  audience: developers
  security: aikido
---

## Purpose

Ensure that all first-party code is scanned for security issues whenever code is written or changed.

## Rules

- Always run **aikido_full_scan** on all newly written, generated, added, or modified first-party code.
- Always provide the complete file contents to the scanner.
- If any security issues are reported, apply the fixes using the remediation guidance from Aikido.
- Run **aikido_full_scan** again after fixes to confirm that no issues remain and no new ones were introduced.
- Repeat the fix and rescan cycle until the scan passes with zero issues.
- If the Aikido MCP server is not installed or not running, inform the user to install it using the official setup guide at  
  https://help.aikido.dev/ide-plugins/aikido-mcp
```

{% endstep %}

{% step %}

#### Finished

Aikido MCP is now available in Jetbrains IDE
{% endstep %}
{% endstepper %}