Analyze your code

Transmit the analysis results of your code snippets or entire files to enhance your development workflow using the SonarQube MCP Server directly within your AI agent context.

Once the MCP Server is set up, you can analyze code snippets directly within your agent context.

Example in Cursor

In the chat, you ask can the agent to perform the following actions:

"analyze the current file with SonarQube".
"analyze the following piece of code with SonarQube" to analyze a piece of code that you paste into the chat. Note that this command has limitations as some analyzers require the full context of the file to run an analysis.

Example of "analyze the current file with SonarQube" in Cursor.

You can also add explicit context for the analysis. See the Cursor documentation for more details on adding context.

New and improved SonarQube MCP Server Tools are continuously being added. Be sure to always pull the latest version.

If a feature isn’t available in our tools, you can try to retrieve the full set of results and ask the agent to filter them for you. For example, at this time, the SonarQube MCP Server doesn't support filtering issues by author. To find issues authored by Claudia, you can fetch all issues and then ask your AI agent to filter the results to those written by Claudia.

Example prompts

Once you've set up the SonarQube MCP Server, here are some example prompts for common real-world scenarios.

Fixing a failing quality gate

My quality gate is failing for my project. Can you help me understand why and fix the most critical issues?

The quality gate on my feature branch is red. What do I need to fix to get it passing before I can merge to main?

Pre-release and pre-merge checks

I'm about to merge my pull request <#247> for the <web-app> project. Can you check if there are any quality issues I should address first?

We're deploying to production tomorrow. Can you check the quality gate status and alert me to any critical issues in this branch?

Improving code quality

I want to reduce technical debt in my project. What are the top issues I should prioritize?

Our code coverage dropped below 70%. Can you identify which files have the lowest coverage and help me improve it?

Understanding and fixing issues

I have 15 new code smells in my latest commit. Can you explain what they are and help me fix them?

SonarQube flagged a critical security vulnerability in <AuthController.java>. What's the issue and how do I fix it?

Security and dependency management

We need to pass a security audit. Can you check all our projects for security vulnerabilities and create a prioritized list of what needs to be fixed?

Are there any known vulnerabilities in our dependencies? Check this project for dependency risks.

Code review assistance

I just wrote this authentication function. Can you analyze it for security issues and code quality problems before I commit?

Review the changes in <src/database/migrations> for any potential bugs or security issues.

Project health monitoring

Give me a health report for my project: quality gate status, number of bugs, Security Hotspots, and code coverage.

Compare code quality between our main branch and the develop branch. Are we introducing new issues?

Team collaboration

What are the most common rule violations across all our projects? We might need to update our coding standards.

Show me all the issues that were marked as false positives in the last month. Are we seeing patterns that suggest our rules need adjustment?

PreviousTools NextResources

Last updated 2 days ago

Was this helpful?

Good afternoon

hashtagExample in Cursor

hashtagExample prompts

Example in Cursor

Example prompts