.svg)
AI has intertwined itself with software development. In every phase, developers are being enhanced and assisted in producing software faster.
Moving fast is fundamental in a fast-moving world. But moving fast is not good enough.
Software developers must remain wary of a whole world of concerns at all times.
They must ensure that software is secure; otherwise, the consequences are dire. They must also ensure that software is maintainable; otherwise, technical debt accrues, leaving products unsustainable.
Development teams everywhere are silently worrying that speed will eventually come at high costs down the line.
This will be one of the largest problems our industry will face in the next decade. Because of the speed at which the world is expected to turn, there will be massive security breaches and enormous quality overheads. Speed is now part of the equation; no one is slowing down.
At Codacy, we’ve been witnessing this and can’t sit idly anymore.
It All Starts With "Hello World"
Today, we’re unveiling Codacy Guardrails, a first-of-its-kind solution built to help fast-moving teams maintain security and code quality in AI-assisted development.
The first aspect of Codacy Guardrails is its MCP server. With this, our customers will now be able to let their AI-assisted development tools (including IDEs like Cursor or Windsurf) have full access to all the security and quality information of their repos and organizations.
This will be transformative for how software developers and managers interact with their codebases. The MCP server effectively supercharges any LLM to have quality and security considerations, to fix any security or quality issue, to increase coverage, to prioritize effectively, to create reports, and to slice and dice the data however you please.
We’ve empowered the most powerful AI assistants: the ones that collaborate with you in developing software.
Codacy Guardrails MCP server is available now.
Codacy Guardrails Is Also a Journey, and This Is the First Step
We have a roadmap for Codacy Guardrails in which we will be a fundamental part of your workflow to make sure software is secure and reliable.
Today, we’ve launched the first step. This step connects our customers' wide spectrum of quality and security analysis with the power and control of AI-assisted IDE and tooling.
This is our first building block. Over the next few months, we will build on top of it and extend our safety and quality guardrails.
We’re excited about what’s coming. Guardrails constitutes the sum of our experience building quality and security products for over 10 years, and we’re moving as fast as we ever moved to bring you this.
Try Guardrails Today
Guardrails is now available to existing Codacy Business customers at no additional charge and will become publicly available in the coming weeks.
It works seamlessly with most popular AI coding assistants like Cursor, Windsurf, and many others if they can interact with MCP servers.
It also integrates directly into VSCode and IntelliJ via Codacy’s IDE plugin, making it easy to enforce coding standards across your development environment.
Try it out today:
1. Install Codacy Extension
Guardrails for Cursor and Windsurf
Search the Codacy Extension in Cursor or Windsurf, install, log in, and click the “MCP server” button. Note that the Codacy Cursor extension version must be at least 1.1.0 - some users report Cursor not presenting the most current version for many extensions - if that’s the case, you can download the correct extension package from https://open-vsx.org/extension/codacy-app/codacy
Guardrails for VSCode Copilot Agent, Claude Code, and others
If you are using the latest VSCode Insiders version with MCP support, or if you’re using any other MCP-compatible AI coding assistant, you can manually add the Codacy MCP Server following the instructions in the NPM package: https://www.npmjs.com/package/@codacy/codacy-mcp2. Install Codacy MPC Server on your AI coding assistant of choice.
