MCP SEMCL.ONE IDE Integration Guide

November 24, 2025 • by SEMCL.ONE Team

Integrate the SEMCL.ONE MCP server with popular AI-powered IDEs for seamless OSS compliance analysis

This guide explains how to integrate the SEMCL.ONE MCP server with popular AI-powered IDEs for seamless OSS compliance analysis directly within your development environment.

Supported IDEs

The SEMCL.ONE MCP server works with any IDE that supports the Model Context Protocol (MCP):

Cursor IDE
Cline
Kiro IDE
VS Code (with MCP extensions)
JetBrains IDEs (with AI plugin + MCP support)

Prerequisites

Install mcp-semclone (choose one method):

Option A: Using pipx (recommended):

# Install pipx if you don't have it
pip install pipx
pipx ensurepath

# Install mcp-semclone
pipx install mcp-semclone

# IMPORTANT: Install all CLI dependencies - required by some agents
# Use --include-apps to make CLI commands globally available
pipx inject mcp-semclone purl2notices purl2src osslili binarysniffer ospac vulnq upmex --include-apps

Option B: Using pip:

pip install mcp-semclone

Verify installation:

python -m mcp_semclone.server --version

Cursor IDE Integration

Quick Setup

Locate your Cursor configuration directory:
- macOS/Linux: ~/.cursor/
- Windows: %USERPROFILE%\.cursor\

Create or edit mcp.json:

For project-specific configuration (recommended):

mkdir -p .cursor

Create .cursor/mcp.json:

If installed with pipx:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/.local/pipx/venvs/mcp-semclone/bin/python3",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

If installed with pip:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/python",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

For global configuration (all projects): Create ~/.cursor/mcp.json with the same content.

Find your pipx Python path:

# macOS/Linux
echo "$HOME/.local/pipx/venvs/mcp-semclone/bin/python3"

# Or locate it automatically
pipx list --include-injected | grep mcp-semclone -A 3

Restart Cursor IDE
Verify connection:
- Open Cursor
- The AI should now have access to SEMCL.ONE tools
- Try asking: “Scan this project for license compliance issues”

Advanced Configuration

With Environment Variables

{
  "mcpServers": {
    "semclone": {
      "command": "python",
      "args": ["-m", "mcp_semclone.server"],
      "env": {
        "CUSTOM_VAR": "value"
      }
    }
  }
}

Using Variable Interpolation

{
  "mcpServers": {
    "semclone": {
      "command": "${env:PYTHON_PATH}",
      "args": ["-m", "mcp_semclone.server"],
      "env": {
        "WORKSPACE_ROOT": "${workspaceFolder}"
      }
    }
  }
}

Available variables:

${env:NAME} - Environment variable
${workspaceFolder} - Project root directory
${userHome} - User home directory
${workspaceFolderBasename} - Project folder name

Kiro IDE Integration

Kiro is Amazon’s new agentic AI IDE with native MCP support.

Quick Setup

Locate your Kiro configuration directory:
- macOS/Linux: ~/.kiro/settings/
- Windows: %USERPROFILE%\.kiro\settings\

Create or edit mcp.json:

For workspace-specific configuration:

mkdir -p .kiro/settings

Create .kiro/settings/mcp.json:

If installed with pipx:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/.local/pipx/venvs/mcp-semclone/bin/python3",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

If installed with pip:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/python",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

Find your pipx Python path:

# macOS/Linux
echo "$HOME/.local/pipx/venvs/mcp-semclone/bin/python3"

# Windows
echo "%USERPROFILE%\.local\pipx\venvs\mcp-semclone\Scripts\python.exe"

# Or locate it automatically
pipx list --include-injected | grep mcp-semclone -A 3

For user-wide configuration: Create ~/.kiro/settings/mcp.json with the same content.

Restart Kiro IDE
Enable MCP in Settings:
- Open Kiro Settings
- Navigate to MCP section
- Verify “semclone” server is listed and connected

Configuration Fields Explained

Field	Required	Description
`command`	Yes	Executable command (must be in PATH or use full path)
`args`	Yes	Array of command arguments
`env`	Yes	Environment variables (can be empty object)
`disabled`	Yes	Set to `false` to enable the server
`autoApprove`	Yes	List of tools that don’t require user confirmation

Auto-Approve Tool List

The autoApprove field allows these tools to run without prompting the user:

License Analysis: get_license_details, get_license_obligations, check_license_compatibility
Package Scanning: scan_directory, scan_binary, check_package, download_and_scan_package
Policy & Risk: validate_policy, analyze_commercial_risk, validate_license_list
Documentation: generate_legal_notices, generate_legal_notices_from_purls, generate_sbom
Complete Workflow: run_compliance_check (one-shot compliance check for any project type)

Note: Only include tools you trust to run automatically. You can remove sensitive tools if needed.

Cline Integration

Cline is a popular AI coding extension for VS Code with native MCP support.

Quick Setup

Install Cline extension in VS Code from the marketplace
Locate your Cline configuration:
- Open Cline settings in VS Code
- Look for “MCP Settings” or configuration file path
- Typically stored in VS Code settings or a separate config file

Create or edit MCP configuration:

If installed with pipx:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/.local/pipx/venvs/mcp-semclone/bin/python3",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

If installed with pip:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/your/python",
      "args": ["-m", "mcp_semclone.server"],
      "env": {},
      "disabled": false,
      "autoApprove": [
        "scan_directory",
        "scan_binary",
        "check_package",
        "download_and_scan_package",
        "generate_legal_notices",
        "generate_legal_notices_from_purls",
        "generate_sbom",
        "validate_policy",
        "validate_license_list",
        "get_license_obligations",
        "check_license_compatibility",
        "get_license_details",
        "analyze_commercial_risk",
        "run_compliance_check"
      ]
    }
  }
}

Find your pipx Python path:

# macOS/Linux
echo "$HOME/.local/pipx/venvs/mcp-semclone/bin/python3"

# Windows
echo "%USERPROFILE%\.local\pipx\venvs\mcp-semclone\Scripts\python.exe"

# Or locate it automatically
pipx list --include-injected | grep mcp-semclone -A 3

Find your Python path (for pip installation):

# macOS/Linux
which python3

# Windows
where python

Restart VS Code or reload Cline
Verify connection:
- Open Cline panel in VS Code
- Check that MCP tools are available
- Try asking: “Scan this project for license compliance issues”

Configuration Fields

Field	Required	Description
`command`	Yes	Full path to Python executable
`args`	Yes	Arguments to run the MCP server
`env`	Yes	Environment variables (can be empty object)
`disabled`	Yes	Set to `false` to enable the server
`autoApprove`	Yes	List of tools that don’t require user confirmation

Important Notes:

Use full paths for the command field (not just “python” or “python3”)
Install all dependencies with pipx inject if using pipx - some agents require CLI tool access
The autoApprove list allows tools to run without prompting for each execution

VS Code Integration

VS Code requires an MCP extension to support the Model Context Protocol.

Install MCP extension (check VS Code marketplace for latest)

Configure in settings.json:

{
  "mcp.servers": {
    "semclone": {
      "command": "python",
      "args": ["-m", "mcp_semclone.server"]
    }
  }
}

JetBrains IDEs Integration

JetBrains IDEs (IntelliJ IDEA, PyCharm, WebStorm, etc.) support MCP through the AI plugin.

Install AI plugin
Enable MCP support in AI plugin settings
Configure MCP servers following IDE-specific instructions

Common Use Cases

During Development

Ask your AI:

“Check this file for license compliance”
“What licenses are used in this project?”
“Is this package safe for commercial use?”
“What are my obligations for the MIT license?”

Before Commits

Ask your AI:

“Scan changed files for new dependencies”
“Validate project against our compliance policy”
“Check if any new licenses were introduced”

Pre-Release

Ask your AI:

“Generate SBOM for this release”
“Create NOTICE file for distribution”
“Generate legal notices for mobile app”
“Analyze commercial distribution risks”

Troubleshooting

Server Not Connecting

Check installation:

python -m mcp_semclone.server --version

Verify Python in PATH:

which python  # macOS/Linux
where python  # Windows

Check logs:

Cursor: Developer Tools → Console
Kiro: View → Kiro - MCP Logs
VS Code: Output → MCP Server Logs

Tools Not Appearing

Restart the IDE after configuration changes
Verify JSON syntax - Use a JSON validator
Check file location - Ensure mcp.json is in correct directory
Review logs for connection errors

Permission Issues

If you see permission errors:

macOS/Linux:

chmod +x $(which python)

Windows: Run IDE as Administrator (first time only)

Python Not Found

Specify full path to Python:

{
  "mcpServers": {
    "semclone": {
      "command": "/usr/bin/python3",
      "args": ["-m", "mcp_semclone.server"]
    }
  }
}

Or use virtual environment:

{
  "mcpServers": {
    "semclone": {
      "command": "/path/to/venv/bin/python",
      "args": ["-m", "mcp_semclone.server"]
    }
  }
}

Available Tools

Once integrated, your IDE’s AI will have access to these 12 tools:

Tool	Purpose
`scan_directory`	Scan source code directories for licenses
`check_package`	Analyze individual package archives
`scan_binary`	Scan compiled binaries for OSS components
`validate_policy`	Validate licenses against compliance policy
`get_license_obligations`	Get obligations for specific licenses
`check_license_compatibility`	Check if licenses are compatible
`get_license_details`	Get comprehensive license information
`analyze_commercial_risk`	Analyze commercial licensing risks
`validate_license_list`	Validate license list for distribution type
`run_compliance_check`	Universal compliance workflow for any project type
`generate_legal_notices`	Generate comprehensive attribution docs
`generate_sbom`	Generate Software Bill of Materials

Example Workflows

Mobile App Compliance

Developer asks: “Check if this project is safe for App Store distribution”
AI uses scan_directory to analyze the project
AI uses validate_license_list with distribution type “mobile”
AI uses analyze_commercial_risk to assess risks
AI provides comprehensive compliance report

SBOM Generation

Developer asks: “Generate SBOM for this release”
AI uses scan_directory to identify packages
AI uses generate_sbom with CycloneDX format
SBOM saved to sbom.json in project root

Legal Notice Creation

Developer asks: “Create NOTICE file for distribution”
AI uses scan_directory to find packages
AI uses generate_legal_notices with all PURLs
Legal notices saved to NOTICE.txt

Next Steps

Explore the SEMCL.ONE toolchain
Check the MCP specification
Join discussions at GitHub Issues

Additional Resources

Part of the SEMCL.ONE ecosystem for comprehensive OSS compliance and code analysis.