SWC Secure MCP — VS Code / Cursor extension

Installs and registers the bundled swc-mcp stdio MCP server in VS Code or Cursor, and provides a Setup sidebar to configure credentials and tool policy without editing mcp.json secrets.

What the extension does

MCP server registration

On activation, the extension registers the bundled server so your editor can start it over stdio:

VS Code — via vscode.lm.registerMcpServerDefinitionProvider (MCP server definition swc-mcp).
Cursor — via vscode.cursor.mcp.registerServer when that API is available.

The server binary ships inside the extension (resources/server/index.js). Node.js on PATH is used to launch it.

If credentials are not configured yet, VS Code may prompt you to open Setup the first time the server is resolved.

Open the swc-mcp activity bar icon → Setup webview (or run swc-mcp: Open Setup).

Each tab in the sidebar shows a green or yellow dot for credential status. Integration tabs also show a tool enablement badge (enabled/total).

Tab	Purpose
General	Server display name, version, and log level; Reset all
GitLab	Base URL and personal access token
Figma	API base URL and personal access token
Jira	Base URL, API version, optional email, PAT
Confluence	Base URL, optional email, PAT
Slack	API base URL and bot token

For each integration tab you can:

Save & verify — credentials are checked against the provider API, then stored in the OS secure store under swc-mcp/<account> (not in workspace files).
Leave secret fields blank on a later save to keep the existing token.
Reset — remove that integration’s credentials after confirmation.
Enable or disable MCP tools — per-tool toggles and a summary badge (tools you disable are blocked by server policy).

The General tab offers Reset all, which removes server and provider credentials and restores the built-in tool policy (read tools enabled, write tools disabled).

Commands

Command	Description
`swc-mcp: Open Setup`	Focus the Setup webview
`swc-mcp: Export Portable Server`	Export bundled server + `mcp.json` helpers
`swc-mcp: Copy mcp.json Example`	Copy snippet for the bundled binary

Requirements

VS Code 1.102+ or Cursor with extension support
Node.js >= 20.11 on PATH (used to run the bundled server)
Windows or macOS to configure credentials in the OS secure store from the UI

On Linux, Setup opens in read-only mode: you see platform guidance, but credential forms, tool toggles, and Reset all are disabled. Configure secrets with the swc-mcp CLI on Windows or macOS, or use exported portable + manual mcp.json elsewhere.

Quick start

Install the extension (marketplace, VSIX, or F5 from extension/ during development).
Open swc-mcp → Setup.
On General, adjust server settings if needed.
Open each integration you need, enter credentials, and Save & verify.
Optionally tune which MCP tools are enabled per integration.
Confirm the swc-mcp MCP server appears in your editor’s MCP list and connect as usual.

Credentials and tool policy live in the secure store; the extension registers the stdio server automatically—no manual mcp.json is required inside the IDE.

MCP tools and security

The extension does not implement GitLab/Figma/Jira/Confluence/Slack APIs itself—it configures the bundled swc-mcp server, which exposes those integrations as MCP tools. Tool enablement is enforced server-side from secure-store policy.

For token scopes, provider setup steps, and security notes for the server, see the repository root README and END_USER_GUIDE.md in the parent project.

Building from source

Developers working on this repo: build and package the extension from the repository root (npm run build:extension, npm run package:extension). See the root README for the full monorepo layout.

SWC MCP Tools

Dzmitry Bulauka