Skill

setup

Configures the Aikido plugin by setting up the API key and verifying the MCP server. Accepts an optional API key argument to configure automatically. Use when the user wants to set up or verify the Aikido plugin, after installing it, or when aikido_full_scan fails or is unavailable.

npx claudepluginhub aikidosec/aikido-claude-plugin --plugin aikido

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/aikido:setup

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

When helping the user configure the Aikido security plugin:

SKILL.md

48 lines · ~689 tokens

Similar Skills

mcp-config-poisoning

Tests AI IDEs for MCP configuration poisoning vulnerabilities, assessing auto-loading of untrusted workspace configs and tool approval controls across four interaction tiers.

3 files

ai-ide-vuln-skills

security-scan

188.5k

Scans Claude Code .claude/ directory for security vulnerabilities, misconfigurations, and injection risks using AgentShield. Audits CLAUDE.md, settings.json, MCP servers, hooks, and agents.

everything-claude-code

audit-mcp

Audits MCP server configs across project/user/plugin scopes for JSON validity, security, compliance using claude mcp CLI and file inspections.

5 tools

claude-ecosystem

Stats

Stars8

Forks3

MaintenanceExcellent

Last CommitMar 26, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

When helping the user configure the Aikido security plugin:

First: Verify Node.js version

Before doing anything else, run node --version to check the installed Node.js version.

If Node.js is not installed or the command fails, stop and tell the user that Node.js 18.19.0 or higher is required to run the Aikido MCP server, and direct them to https://nodejs.org to install it.
If the version is below 18.19.0, stop and tell the user that the Aikido MCP server requires Node.js 18.19.0 or higher, show the currently installed version, and direct them to https://nodejs.org to upgrade.
If the version is 18.19.0 or higher, proceed with the steps below.

If the user provided an API key as an argument:

Read ~/.claude/settings.json (create it as {} if it doesn't exist).
Merge AIKIDO_API_KEY into the env object, preserving all other existing settings. The result should look like:
```
{
  "env": {
    "AIKIDO_API_KEY": "<key>"
  }
}
```
Write the updated JSON back to ~/.claude/settings.json.
Confirm to the user that the API key has been saved to their Claude Code user settings and will apply to all projects.
Inform the user that they need to restart Claude Code for the MCP server to pick up the new key.
Offer to verify the setup after restart by running aikido-mcp:aikido_full_scan with a test payload.

If no API key was provided:

Check whether the Aikido MCP server is currently available by calling aikido-mcp:aikido_full_scan with a minimal test payload: one file with path test.js and content // test.
If it responds successfully, confirm to the user that the Aikido plugin is already configured and ready to use.
If it fails or is unavailable, guide the user through the setup: a. Tell the user to get their API key from https://app.aikido.dev → Settings → Integrations → IDE Plugins. b. Suggest running the skill with the key directly:
```
/aikido:setup <my-key>
```
c. Remind the user to restart Claude Code after setting the key so the MCP server picks it up. d. Offer to verify the setup after they have set the key by running the test scan again.

setup

Popularity

Invocation

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

setup

Popularity

Invocation

Context Preview

SKILL.md

First: Verify Node.js version

If the user provided an API key as an argument:

If no API key was provided:

Similar Skills

Help us improve

First: Verify Node.js version

If the user provided an API key as an argument:

If no API key was provided: