SonarCloud MCP Server

fetch_sonarcloud_issues

Retrieve and filter SonarCloud issues for a pull request, enabling you to identify and fix code quality problems.

Instructions

Fetch SonarCloud issues for a specific pull request

Input Schema

TableJSON Schema

Name	Required	Description
`additionalFields`	No	Comma-separated list of the optional fields to be returned in response. Action plans are dropped in 5.5, it is not returned in the response.
`asc`	No	Ascending sort (default: true)
`assigned`	No	To retrieve assigned or unassigned issues
`assignees`	No	Comma-separated list of assignee logins. The value '__me__' can be used as a placeholder for user who performs the request
`author`	No	SCM accounts. To set several values, the parameter must be called once for each value.
`branch`	No	Branch key
`cleanCodeAttributeCategories`	No	Comma-separated list of clean code attribute categories.
`componentKeys`	No	Comma-separated list of component keys. Retrieve issues associated to a specific list of components (and all its descendants). A component can be a project, directory or file.
`createdAfter`	No	To retrieve issues created after the given date (inclusive). Either a date (server timezone) or datetime can be provided. If this parameter is set, createdSince must not be set
`createdAt`	No	Datetime to retrieve issues created during a specific analysis
`createdBefore`	No	To retrieve issues created before the given date (inclusive). Either a date (server timezone) or datetime can be provided.
`createdInLast`	No	To retrieve issues created during a time span before the current time (exclusive). Accepted units are 'y' for year, 'm' for month, 'w' for week and 'd' for day. If this parameter is set, createdAfter must not be set
`cwe`	No	Comma-separated list of CWE identifiers. Use 'unknown' to select issues not associated to any CWE.
`facets`	No	Comma-separated list of the facets to be computed. No facet is computed by default.
`impactSeverities`	No	Comma-separated list of impact severities.
`impactSoftwareQualities`	No	Comma-separated list of software qualities.
`issueStatuses`	No	Comma-separated list of issue statuses
`issues`	No	Comma-separated list of issue keys
`languages`	No	Comma-separated list of languages. Available since 4.4
`onComponentOnly`	No	Return only issues at a component's level, not on its descendants (modules, directories, files, etc). This parameter is only considered when componentKeys or componentUuids is set. (default: false)
`organization`	No	Organization key
`owaspTop10`	No	Comma-separated list of OWASP Top 10 lowercase categories.
`owaspTop10-2021`	No	Comma-separated list of OWASP Top 10 - 2021 lowercase categories.
`p`	No	1-based page number (default: 1)
`ps`	No	Page size. Must be greater than 0 and less or equal than 500 (default: 100)
`pullRequest`	No	Pull request id
`resolved`	No	To match resolved or unresolved issues
`rules`	No	Comma-separated list of coding rule keys. Format is <repository>:<rule>
`s`	No	Sort field
`sinceLeakPeriod`	No	To retrieve issues created since the leak period. If this parameter is set to a truthy value, createdAfter must not be set and one component id or key must be provided. (default: false)
`sonarsourceSecurity`	No	Comma-separated list of SonarSource security categories. Use 'others' to select issues not associated with any category
`tags`	No	Comma-separated list of tags.
`token`	No	SonarCloud API token (optional if set in environment)

Tool Definition Quality

C2.8/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full responsibility for behavioral disclosure. It does not mention side effects, required authentication, rate limits, pagination behavior (though the schema includes p and ps), or what happens when no criteria are specified. The description is too sparse to inform the AI about critical runtime behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness3/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single sentence, which is concise but omits essential information for a tool with 33 parameters. It is not front-loaded with the most important usage details. While every word is justified, the overall structure fails to earn its place due to under-specification.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The tool has a complex input schema with 33 parameters, no output schema, and no annotations. The description only covers one use case (pull request) and does not mention common filtering patterns, response structure, or limitations. It is not adequate for an AI to understand the full scope and proper invocation of the tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 100% schema description coverage, the baseline is 3. The description adds no parameter-specific meaning beyond what the schema already provides. For example, it does not highlight that 'pullRequest' is a key parameter or explain how it interacts with other filters. The schema itself is well-documented, so the description adds no extra semantic value.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description uses a specific verb 'Fetch' and identifies the resource 'SonarCloud issues' with a qualifier 'for a specific pull request'. However, this is overly narrow because the tool supports filtering by many other criteria (branch, componentKeys, etc.), not only pull requests. The purpose is clear but misleadingly constrained.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus the sibling 'summarize_sonarcloud_issues'. There is no mention of when not to use it, prerequisites, or context-dependent preferences. The lack of usage direction forces the AI to infer from the schema alone.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/dozzman/sonarcloud-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server