Skip to main content
Glama

Coverity Connect MCP Server

by keides2
GitHub
Python
MIT License
1
  • Apple
  • Linux
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

Coverity Connect MCP Server

English | 日本語

A Model Context Protocol (MCP) server that provides seamless integration between AI assistants (like Claude Desktop) and Black Duck Coverity Connect static analysis platform.

Transform your Coverity workflow with natural language commands and automated analysis through AI-powered interactions.

🚀 Features

🔍 Comprehensive Coverity Integration

  • Project Management: List and explore Coverity projects and streams
  • Defect Analysis: Advanced defect search with intelligent filtering and detailed analysis
  • User Management: Complete user administration, role management, and access control
  • Security Focus: Specialized security vulnerability detection and analysis
  • CI/CD Automation: Automated pipeline integration for continuous quality monitoring
  • Quality Reports: Executive-level quality dashboards and trend analysis

🤖 AI-Powered Analysis

  • Natural Language Queries: "Show me critical security issues in project X" or "List users with administrator privileges"
  • Intelligent Filtering: Automatic prioritization of high-impact defects and user access management
  • Contextual Recommendations: AI-driven remediation suggestions and security audit insights
  • Trend Analysis: Historical data analysis, quality metrics, and user activity patterns

🛠️ Enterprise Ready

  • SOAP API Integration: Full Coverity Connect Web Services support
  • Authentication: Secure auth-key based authentication
  • Proxy Support: Corporate network and proxy configuration
  • Multi-Platform: Windows, macOS, and Linux support
  • Docker Ready: Containerized deployment for enterprise environments

📦 Installation

For Claude Desktop users, download the DXT package from the latest release:

  1. Download DXT Package:
    • Go to Releases
    • Download coverity-connect-mcp-1.0.0.dxt from the latest release
  2. Install in Claude Desktop:
    • Drag and drop the .dxt file into Claude Desktop
    • Configure environment variables (see Configuration section)

🐍 Python Package Installation

Direct Installation from GitHub
# Install directly from GitHub (recommended) pip install git+https://github.com/keides2/coverity-connect-mcp.git

Source Installation

# Clone and install from source git clone https://github.com/keides2/coverity-connect-mcp.git cd coverity-connect-mcp pip install -e .

🔧 Development Installation

For development purposes:

git clone https://github.com/keides2/coverity-connect-mcp.git cd coverity-connect-mcp # Create virtual environment python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate # Install with development dependencies pip install -e ".[dev]"

🚀 Future Installation Methods

These installation methods are planned for future releases:

PyPI Installation (Planned)
pip install coverity-connect-mcp
Docker Installation (Planned)
docker pull keides2/coverity-connect-mcp:latest

⚙️ Configuration

1. Environment Variables

Create a .env file or set environment variables:

# Required - Coverity Connect Authentication export COVAUTHUSER="your_coverity_username" export COVAUTHKEY="your_coverity_auth_key" # Required - Coverity Server export COVERITY_HOST="your-coverity-server.com" export COVERITY_PORT="443" export COVERITY_SSL="True" # Optional - Local Workspace export COVERITY_BASE_DIR="/path/to/coverity/workspace" # Optional - Corporate Proxy (if needed) export PROXY_HOST="your-proxy-server.com" export PROXY_PORT="3128" export PROXY_USER="proxy_username" # if authentication required export PROXY_PASS="proxy_password" # if authentication required

2. Claude Desktop Integration

Add to your claude_desktop_config.json:

{ "mcpServers": { "coverity-connect": { "command": "coverity-mcp-server", "env": { "COVAUTHUSER": "${COVAUTHUSER}", "COVAUTHKEY": "${COVAUTHKEY}", "COVERITY_HOST": "your-coverity-server.com" } } } }

3. Docker Configuration

Note: Since the Docker image is not yet published, you can build it locally:

# docker-compose.yml version: '3.8' services: coverity-mcp: build: . # Build from local source # Future: image: keides2/coverity-connect-mcp:latest environment: - COVAUTHUSER=${COVAUTHUSER} - COVAUTHKEY=${COVAUTHKEY} - COVERITY_HOST=${COVERITY_HOST} # Optional proxy settings - PROXY_HOST=${PROXY_HOST} - PROXY_PORT=${PROXY_PORT} ports: - "8000:8000"

🎯 Usage Examples

Basic Project Analysis

Show me all Coverity projects and their current status

Security-Focused Analysis

Analyze the latest snapshot of project "MyWebApp" and focus on high-severity security vulnerabilities. Provide specific remediation recommendations.

Quality Reporting

Generate a comprehensive quality report for project "MyProject" including trends over the last 30 days

CI/CD Integration

Run automated Coverity analysis for group "web-team", project "frontend", branch "main" with commit message "Security fixes"

Advanced Filtering

Show me all CERT-C violations in project "EmbeddedSystem" with impact level "High" and provide code examples for fixes

User Management & Security Audit

List all users with administrator privileges and show their last login times

Role-Based Access Control

Show me the permissions and role assignments for user "developer1" and identify any security concerns

🛠️ Available Tools

ToolDescriptionExample Usage
search_defectsAdvanced defect search with filteringFind high-severity security vulnerabilities
get_defect_detailsGet detailed information about a specific defectAnalyze defect events and remediation steps
list_projectsList all accessible Coverity projectsProject inventory and access verification
list_streamsGet streams for a specific projectStream-based analysis planning
get_project_summaryGet comprehensive project analysisExecutive project health reports
list_users🆕 List all users in Coverity ConnectUser inventory and access management
get_user_details🆕 Get detailed information about a userUser profile and account status verification
get_user_roles🆕 Get user role and permission informationSecurity audit and access control review

📚 Documentation

🚀 Quick Start

English

日本語 (Japanese)

🌐 多言語サポート: 英語と日本語の完全ドキュメントを提供しています。すべてのガイドにはステップバイステップの手順、トラブルシューティングのヒント、実用的な例が含まれています。

🧪 Testing

# Run unit tests pytest tests/ # Run integration tests pytest tests/ -m integration # Run with coverage pytest --cov=coverity_mcp_server tests/ # Test with Docker docker-compose -f docker-compose.test.yml up --abort-on-container-exit

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for details.

Development Setup

git clone https://github.com/keides2/coverity-connect-mcp.git cd coverity-connect-mcp python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate pip install -e ".[dev]" pre-commit install

Submitting Changes

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

  • Black Duck Coverity for providing the static analysis platform
  • Anthropic for the Model Context Protocol and Claude AI
  • Open Source Community for the foundational libraries and tools

📞 Support

🗺️ Roadmap

  • v1.0: Complete MCP implementation with user management ✨
  • v1.1: Advanced filtering, custom views, and analytics dashboards
  • v1.2: Multi-tenant support and enhanced user administration
  • v1.3: GraphQL API and real-time notifications
  • v1.4: Machine learning-powered defect prioritization and risk assessment
  • v2.0: Plugin architecture and third-party integrations

Made with ❤️ for the software security community

Transform your static analysis workflow with the power of AI

This server cannot be installed

-
security - not tested
A
license - permissive license
-
quality - not tested

How are these scores calculated?

hybrid server

The server is able to function both locally and remotely, depending on the configuration or use case.

A Model Context Protocol server that enables natural language interaction with the Coverity Connect static analysis platform, allowing users to manage projects, analyze snapshots, and generate security reports through AI-powered interfaces.

  1. 🚀 Features
    1. 🔍 Comprehensive Coverity Integration
    2. 🤖 AI-Powered Analysis
    3. 🛠️ Enterprise Ready
  2. 📦 Installation
    1. 🎯 Claude Desktop Integration (Recommended)
    2. 🐍 Python Package Installation
    3. Source Installation
    4. 🔧 Development Installation
    5. 🚀 Future Installation Methods
  3. ⚙️ Configuration
    1. 1. Environment Variables
    2. 2. Claude Desktop Integration
    3. 3. Docker Configuration
  4. 🎯 Usage Examples
    1. Basic Project Analysis
    2. Security-Focused Analysis
    3. Quality Reporting
    4. CI/CD Integration
    5. Advanced Filtering
    6. User Management & Security Audit
    7. Role-Based Access Control
  5. 🛠️ Available Tools
    1. 📚 Documentation
      1. 🚀 Quick Start
      2. English
      3. 日本語 (Japanese)
    2. 🧪 Testing
      1. 🤝 Contributing
        1. Development Setup
        2. Submitting Changes
      2. 📄 License
        1. 🙏 Acknowledgments
          1. 📞 Support
            1. 🗺️ Roadmap

              Related MCP Servers

              • CodeAnalysis MCP Server

                0xjcf
                A
                security
                F
                license
                A
                quality
                A comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.
                Last updated -
                28
                4
                Python

              • IR Toolshed MCP Server

                rossja
                -
                security
                A
                license
                -
                quality
                A Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.
                Last updated -
                1
                Python
                Apache 2.0
                • Linux
                • Apple

              • SharkMCP

                kriztalz
                A
                security
                A
                license
                A
                quality
                A Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.
                Last updated -
                4
                18
                TypeScript
                MIT License
                • Apple
                • Linux

              • AI Use Cases MCP Server

                makinokeiichi
                -
                security
                F
                license
                -
                quality
                A Model Context Protocol server that collects, analyzes, and manages AI use case data from various information sources with features for web scraping, data analysis, and trend identification.
                Last updated -
                TypeScript

              View all related MCP servers

              New MCP Servers

              MCP directory API

              We provide all the information about MCP servers via our MCP API.

              curl -X GET 'https://glama.ai/api/mcp/v1/servers/keides2/coverity-connect-mcp'

              If you have feedback or need assistance with the MCP directory API, please join our Discord server