Codacy MCP Server — Code Quality & Security

Official Codacy MCP server enabling AI agents to interact with Codacy's code quality and security platform — fetching code quality metrics, checking security issues, reviewing pull request analysis, querying code coverage data, and integrating Codacy's automated code review into agent-driven development workflow automation.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Developer Tools codacy code-quality static-analysis mcp-server official security code-review
⚙ Agent Friendliness
78
/ 100
Can an agent use this?
🔒 Security
83
/ 100
Is it safe for agents?
⚡ Reliability
77
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
78
Documentation
80
Error Messages
78
Auth Simplicity
80
Rate Limits
75

🔒 Security

TLS Enforcement
95
Auth Strength
80
Scope Granularity
78
Dep. Hygiene
80
Secret Handling
82

HTTPS. API token with scope control. Official Codacy. SOC2. Security findings need human triage.

⚡ Reliability

Uptime/SLA
80
Version Stability
78
Breaking Changes
75
Error Recovery
75
AF Security Reliability

Best When

A development team using Codacy needs AI agents to query code quality metrics, security findings, and coverage data as part of automated code review workflows.

Avoid When

You use SonarQube, Snyk, or other code quality tools — use their respective MCPs.

Use Cases

  • Checking code quality issues from CI/CD pipeline agents
  • Reviewing security vulnerabilities identified by Codacy from code review agents
  • Monitoring code coverage trends from quality tracking agents
  • Querying pull request analysis results from development workflow agents
  • Integrating Codacy metrics into AI coding assistant feedback loops
  • Building quality-gated deployment workflows from DevOps agents

Not For

  • Teams not using Codacy (use SonarQube, Semgrep, or Snyk MCPs for other tools)
  • One-time local static analysis (use CLI tools directly)
  • Teams needing on-premise code quality without cloud (Codacy is primarily SaaS)

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
Yes
OpenAPI Spec ↗

Authentication

Methods: api_key
OAuth: No Scopes: Yes

Codacy API token required. Available from Codacy account settings. Account API tokens or project API tokens available with different scope levels.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

Codacy is free for open source projects. Official MCP from Codacy team.

Agent Metadata

Pagination
cursor
Idempotent
Full
Retry Guidance
Not documented

Known Gotchas

  • Codacy analysis runs async — latest analysis results may lag behind code changes
  • Repository must be integrated with Codacy before querying issues
  • Different token types (account vs project) have different permission scopes
  • Issue counts can be large — filter and paginate carefully
  • Official Codacy MCP — quality high and actively maintained
  • Security issues require human triage — don't auto-merge based on Codacy scores alone

Alternatives

semgrep-mcp mcp-github-server sonarqube-mcp-server

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Codacy MCP Server — Code Quality & Security.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5215
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered