VS Code + GitHub Copilot
This guide describes how to configure Mobb Vibe Shield (MVS) as an MCP (Model Context Protocol) server in Visual Studio Code.
Prerequisites
Before setting up MVS, ensure the following:
VS Code version
Version 1.99 or later is required (MCP support is in preview).
GitHub Copilot permissions
If you are using GitHub Copilot through an organization account, confirm that your Copilot policies permit:
Copilot Chat in the IDE
MCP servers in Copilot
These settings are configured in your GitHub org admin panel under:
Settings → Copilot → Policies
Node.js
Ensure Node.js v18.20 or later is installed. The MCP server uses npx
and requires a modern Node.js runtime.
node --version
If not installed or outdated, install via nodejs.org.
Step 1: Enable MCP in VS Code
Open VS Code settings (Ctrl+Comma or
Cmd+,
on Mac).Search for
chat.mcp.enabled
and check the box.
Alternatively, add this to your settings.json
:
"chat.mcp.enabled": true
Step 2: Configure Mobb MCP Server
You can configure the MCP server either per workspace or globally.
Option A: Workspace-Level (.vscode/mcp.json
)
.vscode/mcp.json
)In your project root, create
.vscode/mcp.json
:
{
"servers": {
"mobb-mcp": {
"type": "stdio",
"command": "npx",
"args": ["mobbdev@latest", "mcp"],
"env": {
}
}
}
}
This file can be committed to your repo and shared across your team.
For single-tenant users, ensure you add the variables API_URL
and WEB_APP_URL
in the env
section. Furthermore, TOOLS_ENABLED
allows you to specify which modes are allowed:
For example:
{
"servers": {
"mobb-mcp": {
"type": "stdio",
"command": "npx",
"args": ["mobbdev@latest", "mcp"],
"env": {
"API_URL": "https://api-st-<YOUR_TENANT_NAME>.mobb.ai/v1/graphql",
"WEB_APP_URL": "https://<YOUR_TENANT_NAME>.mobb.ai",
"TOOLS_ENABLED": ["check_for_available_fixes"]
}
}
}
}
Option B: User-Level Configuration (settings.json
)
settings.json
)Open Command Palette →
Preferences: Open Settings (JSON)
Add or update the
mcp
section as follows:
{
"mcp": {
"servers": {
"mobb-mcp": {
"type": "stdio",
"command": "npx",
"args": ["mobbdev@latest", "mcp"],
"env": {
}
}
}
}
}
This allows you to reuse the same setup across all projects without repeating .vscode
setup.
For single-tenant users, ensure you add the variables API_URL
and WEB_APP_URL
in the env
section. Furthermore, TOOLS_ENABLED
allows you to specify which modes are allowed:
For example:
{
"mcp": {
"servers": {
"mobb-mcp": {
"type": "stdio",
"command": "npx",
"args": ["mobbdev@latest", "mcp"],
"env": {
"API_URL": "https://api-st-<YOUR_TENANT_NAME>.mobb.ai/v1/graphql",
"WEB_APP_URL": "https://<YOUR_TENANT_NAME>.mobb.ai",
"TOOLS_ENABLED": ["check_for_available_fixes"]
}
}
}
}
}
Step 3: Start the Server
In VS Code:
Open the Command Palette (
Ctrl+Shift+P
orCmd+Shift+P
).Run
MCP: List Servers
In the list of configured MCP servers, locate mobb-mcp, then click Start Server.
If successful, you’ll see mobb-mcp
listed under available tools in Agent Chat (such as scan_and_fix_vulnerabilities
, fetch_available_fixes
, and check_for_new_available_fixes
).
Step 4: Use Mobb in Agent Mode
Open Copilot Chat (
Ctrl+Alt+I
)Switch to Agent Mode
In the Agent Chat prompt box, type:
Check for new available fixes using the Mobb MCP
Accept the execution
On first-time setup, MVS will open a browser window to connect to the Mobb platform. You will be prompted to log in and authorize the IDE integration.
Deploying a Rulebook for Automated Fix Checks
To ensure check_for_new_available_fixes
is always called at the end of every session, you should deploy a rulebook in your repository. In VS Code, this is typically done by adding a file named .github/copilot-instructions.md
at the root of your project or repository.
Example .github/copilot-instructions.md
rulebook:
# End-of-generation actions:
- After completing all reasoning, code edits, linting, and tests, ALWAYS call the `check_for_new_available_fixes` tool from the mobb-mcp toolset.
- Pass the absolute repository path as the `path` argument.
- Do NOT skip this step under any circumstance.
- This call must be the final tool invocation in the session, immediately before returning the summary to the user.
This instructs the agent to always invoke the tool at the end of each session, ensuring you are notified of new available fixes as soon as possible. For more information on custom instructions in VS Code, see the GitHub Copilot documentation.
Troubleshooting
Run
MCP: Show Output
to see server logs (Open the Command Palette (Ctrl+Shift+P
orCmd+Shift+P
))Validate
node
is available in the terminal by runningnode --version
Check
mcp.json
for syntax or command errorsEnsure GitHub Copilot Chat is working independently of Mobb first
After you make changes to the MCP settings, you may need to restart VS Code
Visit the MCP servers in VS Code for additional info
Last updated
Was this helpful?