Everything you need for code security in the terminal.
Secrets Scanning
Detect hardcoded secrets, API keys, and credentials before they reach your repository. Integrates as a pre-commit hook.
Claude Integration
Wire Claude Code into your SonarQube workflow. Get AI-assisted fixes for issues surfaced by SonarQube analysis.
Issue Explorer
Query and filter SonarQube issues from your terminal or agent. JSON and TOON output formats pipe directly into LLM workflows without extra post-processing.
Git Hooks
Block bad commits automatically. Pre-commit hooks run secrets and quality checks before every git commit.
MCP Server
Expose SonarQube tools as a Model Context Protocol server. Any MCP-compatible agent can list issues, scan files, and query projects.
Multi-platform
Native binaries for Linux, macOS (Intel and Apple Silicon), and Windows. One install script, zero dependencies.
Code Quality Analysis
Run advanced static analysis via the SonarQube A3S API on any file. Catch bugs and code smells before they land in review.
Secure Keychain Auth
Tokens are stored in the OS keychain — never in plain files. Authenticate once and every command just works.