The Zero-X MCP server brings Zero-X security and analysis capabilities directly into your AI coding workflow inside Cursor.
# Zero-X security and analysis best practices
- Always consider running **zerox_full_scan** on generated, added, and modified first-party code, especially in security-sensitive areas (auth, crypto, payments, secrets handling, infrastructure-as-code).
- When running **zerox_full_scan**, provide the full relevant file contents and any important configuration files so Zero-X can produce accurate findings.
- When Zero-X reports issues, prefer using the remediation guidance returned by the tool to fix the code, and clearly explain how the fix addresses the underlying problem.
- After applying fixes based on Zero-X findings, run **zerox_full_scan** again on the affected files or project to verify that all reported issues have been resolved and no new issues were introduced.
- Prioritize remediation of **critical** and **high** severity findings first, then address medium and low severity issues as time permits.
- If the **Zero-X MCP server** is not installed or cannot be started successfully, inform the user and direct them to the official Zero-X MCP and Cursor plugin setup documentation.