OpenAI Codex CLI MCP

The Aikido MCP (Model Context Protocol) Server brings Aikido's security scanning capabilities directly into your AI coding workflow. By connecting Aikido to your AI-powered IDE and other solutions with MCP support, you enable your coding assistant to automatically scan code for security vulnerabilities and hardcoded secrets, right as you write it.

By integrating the Aikido MCP server into their workflow, agents gain the ability to automatically scan any code they generate. This streamlined workflow allows them to detected and resolve any issues directly as they generate it resulting in safer code early in the development process.

Available Tools

aikido_full_scan: Runs a combined SAST + Secrets scan on provided files.
aikido_sast_scan: Runs a local SAST (static application security testing) scan on provided files
aikido_secrets_scan: Runs a secrets-only scan on provided files

Installation

Create a personal access token

In Aikido, go to Settings → Integrations → IDE → MCP

Create a Personal Access Token.

Install the Aikido MCP server

codex mcp add aikido \
  --env AIKIDO_API_KEY=YOUR_TOKEN \
  -- npx -y @aikidosec/mcp

Replace YOUR_TOKEN with the token from the previous step.

Add the Aikido rule to Global AGENTS file

Create the codex directory if it doesn't exist yet.

mkdir -p ~/.codex/skills

Download the Aikido rule and add it to ~/.codex/skills/aikido-rule.txt.

curl -fsSL "https://gist.githubusercontent.com/kidk/aa48cad6db80ba4a38493016aae67712/raw/3644397b7df43423e3da06434491b40bbb79dd47/aikido-rule.txt" \
  -o ~/.codex/skills/aikido-rule.txt

Finished

Aikido MCP is now available in Codex CLI.

Restart Codex CLI if it was open.

Last updated 25 days ago

Was this helpful?

hashtagAvailable Tools

hashtagInstallation

hashtagCreate a personal access token

hashtagInstall the Aikido MCP server

hashtagAdd the Aikido rule to Global AGENTS file

hashtagFinished