Remote OpenClaw
Menu

checkmarx-security-mcp

MCP-plugin

securityClaude Codeby cx-hitesh-madgulkar

Summary

Claude Code plugin that connects to the Checkmarx security-mcp server. Exposes SAST, SCA, KICS, container, and secret-detection workflows: list projects/applications, trigger and monitor scans, inspect findings, and generate AI-driven remediation.

Install to Claude Code

/plugin install checkmarx-security-mcp@MCP-plugin

Run in Claude Code. Add the marketplace first with /plugin marketplace add cx-hitesh-madgulkar/MCP-plugin if you haven't already.

README.md

MCP-plugin — Checkmarx Plugin Marketplace for Claude Code

This repository is a Claude Code plugin marketplace published by Checkmarx. It currently hosts one plugin:

| Plugin | Description | | ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------ | | checkmarx-security-mcp | Connects Claude to the Checkmarx One platform via the security-mcp server (SAST / SCA / KICS / secret detection / remediation). |

Install

From the Claude Code CLI:

# Register this repo as a marketplace (one-time)
/plugin marketplace add cx-hitesh-madgulkar/MCP-plugin

# Install a plugin from it
/plugin install checkmarx-security-mcp@MCP-plugin

# Enable
/plugin enable checkmarx-security-mcp

> /plugin is only available in the Claude Code CLI. The VS Code extension does not expose this command — use the terminal.

See each plugin's own README for its setup, environment variables, and usage:

Repository layout

MCP-plugin/
├─ .claude-plugin/
│  └─ marketplace.json                ← marketplace manifest (lists plugins)
├─ plugins/
│  └─ checkmarx-security-mcp/
│     ├─ .claude-plugin/
│     │  └─ plugin.json               ← plugin metadata
│     ├─ .mcp.json                    ← MCP server config (HTTP + Bearer auth)
│     └─ README.md
└─ README.md                          ← (this file)

Contributing a new plugin

1. Create plugins/<your-plugin>/ with .claude-plugin/plugin.json, .mcp.json (if it wraps an MCP server), and README.md. 2. Add an entry for it to plugins in .claude-plugin/marketplace.json. 3. Open a PR.

Related plugins

Browse all →

1Password

samalone-plugins

Securely work with 1Password through the op CLI. Manage vaults, items, and secrets without exposing plaintext values to Claude.

Open plugin →

42crunch-api-security-testing

claude-plugins-official

Automate API security directly in Claude Code with 42Crunch - automatically audit OpenAPI specs, detect vulnerabilities aligned with OWASP API Security risks (including BOLA/BFLA), and apply AI-powered fixes. Designed for AI-assisted development workflows, it provides continuous guardrails through an audit->scan->remediate->validate loop, ensuring APIs meet enterprise security standards before deployment.

Open plugin →

aeo-security

aeo-skill-marketplace

Security assessment agents for vulnerability scanning, compliance validation, code auditing, and remediation guidance

Open plugin →

agentic-guardrails

agentic-guardrails-plugin

Nothing is ever destroyed: deletion redirected to a reversible archive, pre-image snapshots on every write, checkout/publish workflow for Office documents, placeholder/stub protection in cloud-synced folders, and policy-driven command and content blocking.

Open plugin →

auth0

claude-plugins-official

Enterprise-grade auth, easy to implement. Add login, SSO, MFA, and access control to any app with framework-aware guidance.

Open plugin →

backend-api-security

claude-code-workflows

API security hardening, authentication implementation, authorization patterns, rate limiting, and input validation

Open plugin →

Browse

Plugins by category

Other2041development375productivity237communication49design47security46database40workflow30compliance28product24data22bundle21