This guide covers installation, configuration, and usage of the CodeQL Development MCP Server.
- Node.js v25.2.1 or later (nodejs.org)
- CodeQL CLI (github.com/github/codeql-cli-binaries)
- VS Code with GitHub Copilot extension
- Download the latest release from Releases
- Extract:
unzip codeql-development-mcp-server-vX.X.X.zip -d /path/to/destination
git clone --recurse-submodules https://github.com/advanced-security/codeql-development-mcp-server.git
cd codeql-development-mcp-server
npm install && npm run buildAdd to your mcp.json file:
| OS | Location |
|---|---|
| macOS | ~/Library/Application Support/Code/User/mcp.json |
| Windows | %APPDATA%\Code\User\mcp.json |
| Linux | ~/.config/Code/User/mcp.json |
{
"servers": {
"codeql-dev-mcp-server": {
"command": "node",
"args": ["/path/to/destination/server/dist/ql-mcp-server.js"],
"type": "stdio"
}
}
}| Variable | Description | Default |
|---|---|---|
TRANSPORT_MODE |
stdio or http |
stdio |
PORT |
HTTP port | 3000 |
DEBUG |
Enable debug logging | false |
CODEQL_PATH |
Path to CodeQL CLI | (PATH) |
- Restart VS Code
- Open Command Palette (
Ctrl+Shift+P/Cmd+Shift+P) - Run "GitHub Copilot: List MCP Servers"
- Confirm
codeql-dev-mcp-serverappears
- Server not listed: Verify absolute path in
mcp.json, restart VS Code - CodeQL errors: Run
codeql --versionto confirm CLI is installed - Permission denied: Check file permissions on server directory
- Tools Reference - Available MCP tools and usage