Ship Safer Code: Plug Codacy Guardrails Into Gemini CLI in 90 Seconds


Gemini CLI (launched 25 Jun 2025) drops Google’s Gemini 2.5 Pro straight into your terminal with a whopping 1M-token context and free preview limits.

Codacy AI Guardrails adds an MCP “security copilot” layer on top of any LLM.

Just pop in a token, and it blocks risky suggestions before they hit your repo. 

Quick-start

 

```bash
# 1. Install both CLIs (Gemini CLI is published on npm as @google/gemini-cli)
npm i -g @google/gemini-cli @codacy/codacy-mcp

# 2. Auth Codacy once
export CODACY_ACCOUNT_TOKEN="<your-token>" # keep it in .zshrc / CI secret store

# 3. Tell Gemini about the MCP
#    This overwrites ~/.gemini/settings.json; if you already have one,
#    merge the "mcpServers" entry into it by hand instead.
mkdir -p ~/.gemini
cat <<'EOF' > ~/.gemini/settings.json
{
  "mcpServers": {
    "codacy": {
      "command": "npx",
      "args": [
        "-y",
        "@codacy/codacy-mcp@latest"
      ]
    }
  },
  "contextFileName": "GEMINI.md"
}
EOF

# 4. Test
gemini /mcp desc # should list "Codacy Guardrails"
gemini "/fix vuln in src/auth.ts"
```

Total wall-clock: ~90 seconds, including copy-paste.
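The settings above start the MCP server with `npx -y` and an `@latest` tag, so every Gemini session fetches and runs whatever version is currently published. The following is an added example (not from the original post or from Codacy) that audits a Gemini settings file for that pattern and for tokens written literally into a server's `env` block; the `$VAR` reference convention for `env` values is an assumption, and `PAGE_SETTINGS` is a constructed copy of the config above.

```python
import json
import re
import sys
from pathlib import Path

# npm spec with an exact version: name@1.2.3 or @scope/name@1.2.3
PINNED = re.compile(r"^(@[\w.-]+/)?[\w.-]+@\d+\.\d+\.\d+(-[\w.]+)?$")

# Constructed sample: the settings written by the quick-start above.
PAGE_SETTINGS = {
    "mcpServers": {
        "codacy": {"command": "npx", "args": ["-y", "@codacy/codacy-mcp@latest"]}
    },
    "contextFileName": "GEMINI.md",
}


def audit_mcp_servers(settings):
    """Return one finding string per risky MCP server setting."""
    findings = []
    for name, server in settings.get("mcpServers", {}).items():
        args = server.get("args", [])
        if server.get("command") == "npx":
            # Heuristic: the first non-flag argument is the package npx runs.
            spec = next((a for a in args if not a.startswith("-")), None)
            if spec and not PINNED.match(spec):
                note = " and -y skips the install prompt" if "-y" in args else ""
                findings.append(f"{name}: '{spec}' is not pinned to an exact version{note}")
        # Assumption: secrets are referenced as $VAR rather than stored in the file.
        for key, value in server.get("env", {}).items():
            if isinstance(value, str) and value and not value.startswith("$"):
                findings.append(f"{name}: env {key} holds a literal value")
    return findings


if __name__ == "__main__":
    default = Path.home() / ".gemini" / "settings.json"
    path = Path(sys.argv[1]) if len(sys.argv) > 1 else default
    results = audit_mcp_servers(json.loads(path.read_text()))
    print("\n".join(results) or "no findings")
    sys.exit(1 if results else 0)
```

Run it with a settings path as the first argument (default `~/.gemini/settings.json`); it exits non-zero when it reports anything, so it can gate a CI job or a dotfiles commit hook.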

 
