Set up the cifuzz MCP server
The cifuzz MCP server integration is experimental. It requires a state-of-the-art agentic coding model with strong tool-usage and code-generation capabilities, such as Claude Opus 4.6, GPT-5.3 Codex, Gemini 3.1 Pro, or later. Using a less capable model can lead to significantly worse results than the cifuzz spark workflow.
The cifuzz MCP server lets AI coding assistants run cifuzz commands directly
from the development environment. It exposes deterministic tools - project
setup, candidate identification, test execution, coverage, and findings -
through the Model Context Protocol. The AI
agent uses its own context awareness to handle creative tasks like writing fuzz
test implementations, while cifuzz handles the fuzzing infrastructure. It
provides two MCP tools: cifuzz for executing commands and cifuzz-usage for
retrieving the API reference and usage information.
Prerequisites
- cifuzz installed and available on your PATH
- An AI coding assistant that supports MCP (see Setup below)
How it works
Your AI coding assistant launches cifuzz mcp as a subprocess and communicates
over stdio. Two tools become available: cifuzz for running commands with
arguments, and cifuzz-usage for retrieving the API reference. The agent
typically calls cifuzz-usage first to learn the available commands, then
orchestrates them to set up projects, find candidates, run tests, and review
Findings.
Setup
Select your AI coding assistant below and follow the configuration instructions.
- Claude Code
- VS Code (GitHub Copilot)
- Cursor
- OpenAI Codex
- Windsurf
- JetBrains
Add the following to .mcp.json in your project root for a shareable
project-level configuration:
{
"mcpServers": {
"cifuzz": {
"command": "cifuzz",
"args": ["mcp"]
}
}
}
For user-level configuration, add the same block to ~/.claude/settings.json.
Alternatively, run the following command:
claude mcp add cifuzz -- cifuzz mcp
Add the following to .vscode/mcp.json in your project root:
{
"servers": {
"cifuzz": {
"command": "cifuzz",
"args": ["mcp"],
"type": "stdio"
}
}
}
GitHub Copilot uses "servers" (not "mcpServers") and requires an explicit
"type": "stdio" field.
Add the following to .cursor/mcp.json in your project root or
~/.cursor/mcp.json for a global configuration:
{
"mcpServers": {
"cifuzz": {
"command": "cifuzz",
"args": ["mcp"]
}
}
}
Add the following to .codex/config.toml in your project root (trusted) or
~/.codex/config.toml for a global configuration:
[mcp_servers.cifuzz]
command = "cifuzz"
args = ["mcp"]
Alternatively, run the following command:
codex mcp add cifuzz -- cifuzz mcp
Add the following to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"cifuzz": {
"command": "cifuzz",
"args": ["mcp"]
}
}
}
- Navigate to Settings > Tools > AI Assistant > Model Context Protocol (MCP).
- Click + and choose "As JSON".
- Paste the following configuration:
{
"mcpServers": {
"cifuzz": {
"command": "cifuzz",
"args": ["mcp"]
}
}
}
Requires IntelliJ IDEA 2025.1+ or any JetBrains IDE 2025.2+.
Available tools
The following commands are accessible through the MCP server:
| Command | Description |
|---|---|
cifuzz init | Set up a project for use with cifuzz |
cifuzz candidates | Identify functions suitable for fuzz testing |
cifuzz create | Create a new fuzz test stub |
cifuzz run | Build and execute fuzz tests |
cifuzz coverage | Generate coverage reports |
cifuzz finding | List and review Findings |
Typical workflow
The agent handles fuzz test creation using its own context awareness of your
codebase, which can produce better results than automated generation. The
cifuzz-usage tool provides the FUZZ_TEST API reference the agent needs to
write correct harnesses.
A typical agent-driven fuzz testing session follows these steps:
- The agent calls
cifuzz-usageto learn the available commands and FUZZ_TEST API. - The agent runs
cifuzz initto set up the project. - The agent runs
cifuzz candidatesto identify functions suitable for fuzz testing. - The agent creates a fuzz test file and implements the test harness using its understanding of your codebase.
- The agent runs
cifuzz run <test-name>to execute the fuzz test. - The agent reviews Findings with
cifuzz findingand generates coverage reports withcifuzz coverage.