Connect Sonarqube to AI agents

Connect Sonarqube to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

get_project_measures

Get Project Measures

Get current metric measures for a SonarQube project, branch, or pull request by metric keys.

get_component

Get Component

Get a SonarQube component, file, directory, project, or portfolio by component key, including ancestor metadata when returned.

list_component_tree

List Component Tree

List child components under a SonarQube project, directory, or file, optionally filtered by branch, pull request, query text, and qualifiers.

get_hotspot

Get Security Hotspot

Get one SonarQube security hotspot by hotspot key, including normalized hotspot metadata and raw provider fields.

get_source

Get Source

Retrieve SonarQube source code for a file component. Source text is returned as a Slate text attachment, not inline output.

list_project_pull_requests

List Project Pull Requests

List pull request analyses for a SonarQube project, including source branch, target branch, and status metadata when available.

manage_issue

Manage Issue

Manage a SonarQube issue workflow: transition, assign, comment, set tags, set severity, or set type. Requires confirmWrite to be true.

get_system_status

Get System Status

Get SonarQube Server system status. This tool is Server-only and returns a ServiceError for SonarQube Cloud configs.

list_metrics

List Metrics

List SonarQube metrics that can be requested from measure tools, such as coverage, bugs, vulnerabilities, code smells, duplicated lines density, and ncloc.

search_measure_history

Search Measure History

Search historical SonarQube measures for a project, branch, or pull request over time.

list_languages

List Languages

List programming languages known to SonarQube, optionally filtered by search text.

search_issues

Search Issues

Search SonarQube issues by issue key, project, component, branch, pull request, status, severity, type, tags, and text query.

get_project_analysis_status

Get Project Analysis Status

Get pending, in-progress, and last executed Compute Engine analysis tasks for a SonarQube project.

search_rules

Search Rules

Search SonarQube rules by text query, language, repository, tags, severity, type, and status.

get_quality_gate_status

Get Quality Gate Status

Get the SonarQube quality gate status for one project key, project id, or analysis id, optionally scoped to a branch or pull request.

get_rule

Get Rule

Get one SonarQube rule by rule key, including rule metadata and raw remediation details returned by SonarQube.

get_issue_changelog

Get Issue Changelog

Get the changelog for a SonarQube issue, including workflow transitions, comments, assignments, and field changes when returned.

manage_hotspot

Manage Security Hotspot

Change a SonarQube security hotspot review status and optional resolution. Requires confirmWrite to be true.

list_quality_gates

List Quality Gates

List SonarQube quality gates available to the current token, including the default gate when reported.

search_hotspots

Search Security Hotspots

Search SonarQube security hotspots for a project by branch, pull request, files, review status, resolution, and assignee ownership.

list_project_branches

List Project Branches

List branches analyzed for a SonarQube project, including main branch and branch analysis status metadata when available.

get_compute_task

Get Compute Task

Get SonarQube Compute Engine task details by task id, including task status, component, analysis id, submitter, and timing metadata.

search_projects

Search Projects

Search SonarQube projects by text query or project keys. Returns project keys, names, qualifiers, visibility, and latest analysis metadata.

get_scm_info

Get SCM Info

Get SonarQube SCM blame information for a source component, optionally scoped to a line range.

get_duplications

Get Duplications

Get SonarQube duplication blocks and related files for a source component, branch, or pull request.

get_issue

Get Issue

Get one SonarQube issue by issue key, including normalized issue metadata and raw provider fields.

More integrations teams use with Sonarqube

GitHub

Manage repositories, issues, and pull requests. Create and configure branches, star repositories, review code, and merge changes. Automate CI/CD workflows with GitHub Actions, manage workflow runs, secrets, and artifacts. Track issues with labels, milestones, and assignees. Search across code, repositories, issues, and users. Manage organizations, teams, and memberships. Create and manage projects, gists, packages, deployments, and environments. Access security alerts including code scanning, secret scanning, and Dependabot alerts. Read and write file contents in repositories. Manage webhooks, notifications, and codespaces.

Sharepoint

Manage SharePoint sites, document libraries, lists, and files. Create, read, update, and delete lists and list items with custom columns. Upload, download, move, copy, and version files in document libraries. Search across sites, files, folders, lists, and list items using Microsoft Search. Manage permissions at site, list, and item levels with granular access control. Define and manage content types and site columns. Subscribe to webhooks for list and library change notifications. Retrieve site properties and search for sites across Microsoft 365.

Salesforce

Manage CRM data including Accounts, Contacts, Leads, Opportunities, Cases, and custom objects. Create, read, update, and delete records. Query data using SOQL and search across objects using SOSL. Perform bulk data operations for large-scale imports, exports, and migrations. Execute composite requests to batch multiple operations in a single API call. Access analytics, reports, and dashboards. Manage files and attachments associated with records. Interact with Chatter feeds, posts, and groups for social collaboration. Subscribe to real-time change events via Change Data Capture and Platform Events. Manage org metadata including custom objects, fields, layouts, and workflows. Query data using GraphQL for precise data retrieval across related objects.

Airtable

Create, read, update, and delete records in Airtable bases and tables. Manage base schemas including creating tables and fields. Filter records using formulas, sort by fields, and scope queries to specific views. Upsert records to find, create, or update in a single call. Upload attachments to records, read and write record comments, list accessible bases, and receive real-time base change events through webhooks.

Bitbucket

Manage Git repositories, pull requests, and CI/CD pipelines on Bitbucket Cloud. Create, fork, and configure repositories within workspaces and projects. Create, review, approve, merge, and decline pull requests with inline code comments. Browse source code, list commits, and manage branches and tags. Track issues with the built-in issue tracker. Trigger, monitor, and manage Bitbucket Pipelines. List workspace members, configure repository default reviewers and branch restrictions, create and manage repository webhooks, and search code across repositories.

Heroku

Deploy, manage, and scale applications on Heroku's cloud platform. Create and configure apps, scale dynos, provision add-ons (databases, caching, etc.), manage configuration variables, build and release code, add custom domains and SSL certificates, manage collaborators and team permissions, configure pipelines for continuous delivery, set up log drains, and sync data with Salesforce via Heroku Connect. Subscribe to webhooks for real-time notifications on app changes, builds, releases, dyno lifecycle events, and more.

Technical notes for Sonarqube

Connect to SonarQube Server or SonarQube Cloud to inspect project quality, issues, branches, pull requests, measures, quality gate status, and analysis task state.

Connect Sonarqube to production AI agents

See how Metorial gives Sonarqube access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Sonarqube to AI agents with Metorial.

  1. Can Metorial connect Sonarqube to AI agents?
    Yes. Metorial connects AI agents to Sonarqube through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.