SonarCloud MCP Server

fetch_sonarcloud_issues

Retrieve and filter SonarCloud issues for a specific pull request, enabling developers to identify and address code quality problems efficiently.

Instructions

Fetch SonarCloud issues for a specific pull request

Input Schema

TableJSON Schema

Name	Required	Description
`additionalFields`	No	Comma-separated list of the optional fields to be returned in response. Action plans are dropped in 5.5, it is not returned in the response.
`asc`	No	Ascending sort (default: true)
`assigned`	No	To retrieve assigned or unassigned issues
`assignees`	No	Comma-separated list of assignee logins. The value '__me__' can be used as a placeholder for user who performs the request
`author`	No	SCM accounts. To set several values, the parameter must be called once for each value.
`branch`	No	Branch key
`cleanCodeAttributeCategories`	No	Comma-separated list of clean code attribute categories.
`componentKeys`	No	Comma-separated list of component keys. Retrieve issues associated to a specific list of components (and all its descendants). A component can be a project, directory or file.
`createdAfter`	No	To retrieve issues created after the given date (inclusive). Either a date (server timezone) or datetime can be provided. If this parameter is set, createdSince must not be set
`createdAt`	No	Datetime to retrieve issues created during a specific analysis
`createdBefore`	No	To retrieve issues created before the given date (inclusive). Either a date (server timezone) or datetime can be provided.
`createdInLast`	No	To retrieve issues created during a time span before the current time (exclusive). Accepted units are 'y' for year, 'm' for month, 'w' for week and 'd' for day. If this parameter is set, createdAfter must not be set
`cwe`	No	Comma-separated list of CWE identifiers. Use 'unknown' to select issues not associated to any CWE.
`facets`	No	Comma-separated list of the facets to be computed. No facet is computed by default.
`impactSeverities`	No	Comma-separated list of impact severities.
`impactSoftwareQualities`	No	Comma-separated list of software qualities.
`issueStatuses`	No	Comma-separated list of issue statuses
`issues`	No	Comma-separated list of issue keys
`languages`	No	Comma-separated list of languages. Available since 4.4
`onComponentOnly`	No	Return only issues at a component's level, not on its descendants (modules, directories, files, etc). This parameter is only considered when componentKeys or componentUuids is set. (default: false)
`organization`	No	Organization key
`owaspTop10`	No	Comma-separated list of OWASP Top 10 lowercase categories.
`owaspTop10-2021`	No	Comma-separated list of OWASP Top 10 - 2021 lowercase categories.
`p`	No	1-based page number (default: 1)
`ps`	No	Page size. Must be greater than 0 and less or equal than 500 (default: 100)
`pullRequest`	No	Pull request id
`resolved`	No	To match resolved or unresolved issues
`rules`	No	Comma-separated list of coding rule keys. Format is <repository>:<rule>
`s`	No	Sort field
`sinceLeakPeriod`	No	To retrieve issues created since the leak period. If this parameter is set to a truthy value, createdAfter must not be set and one component id or key must be provided. (default: false)
`sonarsourceSecurity`	No	Comma-separated list of SonarSource security categories. Use 'others' to select issues not associated with any category
`tags`	No	Comma-separated list of tags.
`token`	No	SonarCloud API token (optional if set in environment)

Tool Definition Quality

C2.7/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure but fails to do so. It doesn't mention whether this is a read-only operation, if it requires authentication (implied by the 'token' parameter but not stated), rate limits, pagination behavior (implied by 'p' and 'ps' parameters), or what the response format looks like. This is inadequate for a tool with 33 parameters and no output schema.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that directly states the tool's purpose without unnecessary words. It's appropriately sized and front-loaded, making it easy for an agent to parse quickly, though its brevity contributes to gaps in other dimensions.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (33 parameters, no annotations, no output schema), the description is incomplete. It doesn't address behavioral aspects like authentication needs, pagination, or response format, nor does it guide usage relative to the sibling tool. For a data-fetching tool with many filtering options, more context is needed to help the agent use it effectively.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description adds no parameter semantics beyond what the input schema provides. Since schema description coverage is 100%, the schema already documents all 33 parameters thoroughly. The description doesn't explain key parameters like 'pullRequest' or how filtering works, so it meets the baseline of 3 without adding value over the structured data.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose3/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description states the tool's purpose as 'Fetch SonarCloud issues for a specific pull request', which includes a verb ('fetch') and resource ('SonarCloud issues'). However, it's vague about what 'fetch' entails (e.g., retrieving, listing, or filtering issues) and doesn't differentiate from the sibling tool 'summarize_sonarcloud_issues', leaving ambiguity about when to use each.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus the sibling 'summarize_sonarcloud_issues' or other alternatives. It lacks context about prerequisites, such as needing a pull request ID or authentication, and offers no explicit when/when-not scenarios, leaving the agent to infer usage from parameters alone.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Related Tools

summarize_sonarcloud_issuesC
@dozzman/sonarcloud-mcp
search_issuesC
@tuanle96/mcp-github
search_issues
@MissionSquad/mcp-github
repo_list_pull_requests_by_projectB
@ennuiii/DevOpsMcpPAT
get_pull_requests
@nulab/backlog-mcp-server
repo_list_pull_requests_by_repoC
@ennuiii/DevOpsMcpPAT

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/dozzman/sonarcloud-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server