How to connect the Secret & Repo Scanner MCP Tool to Cursor
Scans a directory for leaked secrets, API tokens, private keys, PII (emails, SSNs), and missing .gitignore entries. This guide provides the exact configuration required to load the repo_scanner tool inside Cursor.
Step 1: Open the configuration file
Locate and open your Cursor configuration file at the following path:
macOS / Linux
~/.cursor/mcp.jsonWindows
%USERPROFILE%\.cursor\mcp.jsonStep 2: Add the server config
Copy and paste the following JSON snippet into the file. Save the file and restart Cursor.
mcp.json
{
"mcpServers": {
"agenticstore": {
"command": "uvx",
"args": ["agentic-store-mcp", "--tools", "repo_scanner"]
}
}
}Step 3: Try it out
Once restarted, ask Cursor something like this to trigger the tool:
"Scan this repository for any leaked API keys or secrets."