Skip to main content

Early access is open — be among the first to see your product through your users' eyes.

Request Access
Corexi

Docs · Integrations

Connect Corexi to your IDE via MCP

The Corexi MCP server gives any Model Context Protocol-compatible AI agent (Cursor, Claude Code, Windsurf, Replit, VS Code) direct access to your UX scans, findings, and fix-ready code — without leaving the editor.

1. Generate an API key

Open Corexi → Settings → API Keys → click New API key. Give it a memorable name (e.g. “Cursor on laptop”), then copy the key from the reveal modal — it's only shown once.

Sign up to create your first key →

Keys start with crxi_live_. We store only a salted SHA-256 hash; if you lose a key you must revoke and re-issue.

Scopes

  • mcp:read — granted by default. Lets the agent read sites, scans, findings, UX rules, runreview_codeandreview_screenshot.
  • scan:trigger — opt-in. Lets the agent kick off production scans viatrigger_scan(counts against your monthly scan quota). Tick the box when you create the key.

2. Add Corexi to your IDE

Replace crxi_live_YOUR_KEY_HERE with the key you just generated.

Cursor

Recommended
.cursor/mcp.json
{
  "mcpServers": {
    "corexi": {
      "url": "https://corexi.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer crxi_live_YOUR_KEY_HERE"
      }
    }
  }
}

Create the file in your project root or in your home directory under ~/.cursor/mcp.json for global access. Cursor reloads MCP servers automatically when the file changes.

Claude Code

~/.config/claude-code/mcp.json
{
  "mcpServers": {
    "corexi": {
      "url": "https://corexi.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer crxi_live_YOUR_KEY_HERE"
      }
    }
  }
}

Restart Claude Code after editing. Run /mcp to confirm Corexi is connected.

Windsurf

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "corexi": {
      "serverUrl": "https://corexi.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer crxi_live_YOUR_KEY_HERE"
      }
    }
  }
}

Restart Windsurf, then open Cascade and check the MCP servers panel.

VS Code

.vscode/mcp.json
{
  "servers": {
    "corexi": {
      "type": "http",
      "url": "https://corexi.ai/api/mcp",
      "headers": {
        "Authorization": "Bearer crxi_live_YOUR_KEY_HERE"
      }
    }
  }
}

Requires the GitHub Copilot Chat extension or any MCP-compatible chat client. Reload window after editing.

Replit Agent

Replit Agent settings → MCP servers
Server URL: https://corexi.ai/api/mcp
Auth header: Authorization: Bearer crxi_live_YOUR_KEY_HERE

Add via the Replit Agent settings UI; configuration format may evolve as Replit ships its MCP support.

3. Tools your agent can call

Once connected, your AI agent calls these tools on its own when you ask UX-related questions. You don't need to invoke them manually.

Build-time tools

No scan needed

Use while writing code. Your agent applies Corexi's research-backed UX patterns from the first commit — no need to register a site or run a scan first.

get_ux_rulesNo scan needed

Returns Corexi's research-backed UX rules. Filter by category, severity, finding type, or free text.

Try asking

"What are the rules for designing accessible CTAs?"

Returns

Each rule: what / why / how + do/dont examples + code snippet + research citations (WCAG, NN/g, Baymard, Fitts, Miller, BDA, CUD).

get_ux_checklistNo scan needed

Returns a pre-flight checklist for a specific surface (checkout, modal, hero, pricing, navigation, etc.).

Try asking

"Give me the checklist before I implement the checkout form."

Returns

Surface-specific extra checks + applicable Corexi rules with severity tags (required / recommended / optional).

review_code50/month · token-aware

LLM-powered review of a code snippet against Corexi's 11-category UX/a11y methodology. Catches issues BEFORE you commit. Pass an optional site_id to inject your registered design tokens — fix_code will use var(--your-token) instead of hardcoded hex/px.

Try asking

"Review this checkout button JSX for UX issues before I commit."

Returns

Prioritized findings with evidence, research citations, and copy-paste fix_code snippets that match your design system. 50 reviews/month per key on the free tier.

review_screenshotShared quota

Vision-LLM review of a single image (design mockup, Figma export, local screenshot). Validates designs at the mockup stage. Accepts site_id for design-token-aware fixes.

Try asking

"Review this Figma export of the new pricing page."

Returns

Findings with bounding boxes, severity, and recommendations. Shares the 50/month bucket with review_code.

Post-deploy tools

Requires registered site

Pull live data from your registered Corexi sites: scans, scores, and prioritized findings.

list_sites

List the sites registered to your Corexi account.

Try asking

"What Corexi sites do I have?"

Returns

Site name, domain, surface, dev environment, scan frequency.

get_latest_scan

Fetch the latest scan summary for a site.

Try asking

"What's the UX score on my pricing page?"

Returns

UX Score, breakdown by category, pages scanned, run timestamp.

get_findings

List prioritized findings for a scan, filterable by severity and status.

Try asking

"Show me the top 5 high-severity issues on my homepage scan."

Returns

Title, evidence, recommendation, fix-ready code, impact score.

trigger_scanscan:trigger scope

Kick off a full UX scan on a site you own — from inside the IDE. Subject to plan limits + cooldowns.

Try asking

"Scan corexi.ai and tell me what changed since last week."

Returns

scan_id, UX score, pages scanned, total findings. Use get_findings(scan_id) to inspect issues.

Example agent workflow

A typical session in Cursor combines build-time and post-deploy tools:

  1. 1

    “I'm about to build a checkout form. What should I watch out for?”

    → Cursor calls get_ux_checklist with surface: "checkout_form" → 15 rules + 6 surface-specific checks land in chat.

  2. 2

    “Generate the form following these rules.”

    → Cursor writes the JSX with persistent labels, inline error validation, autocomplete attributes, 44px touch targets, and ARIA error association — out of the box.

  3. 3

    Before commit: “Review this form before I push.”

    → Cursor calls review_code with the JSX → Corexi's LLM applies the 11-category rubric → returns findings + fix snippets so you can patch inline before committing.

  4. 4

    After deploy: “Re-scan production and tell me if I shipped any regressions.”

    → Cursor calls trigger_scan with the right site_id → scan runs end-to-end → returns the new score and finding count, plus a hint to call get_findingsfor the details.

  5. 5

    “Show me the high-severity findings and patch them one by one.”

    → Cursor calls get_findings filtered by severity → walks through eachfix_codeand applies it inline in the IDE.

Rate limits & security

  • 60 requests/minute sustained, 10 requests/second burst per key. Exceeding returns 429 with a Retry-After header.
  • All tool calls are scoped to the key's owner — your key cannot read another account's data.
  • Revoke a key any time from Settings → API Keys. Revoked keys fail with 401 immediately.
  • We log last_used_at for each key (no payloads). Use it to detect stale or unused keys.

Troubleshooting

401 Unauthorized

Your key is missing, malformed, or revoked. Double-check the Authorization header includes the literal word "Bearer" before your key. Generate a new key in Settings → API Keys if needed.

429 Too Many Requests

You hit the rate limit (60 requests/minute sustained or 10 requests/second burst). The response Retry-After header tells you when to retry. Spread out tool calls or upgrade your plan.

Tool calls return "Site not found"

Use list_sites first to get a valid site_id. Sites are scoped to your account — you can only access ones you registered in Corexi.

Cursor doesn't show Corexi in the MCP panel

Check the Cursor settings → Tools and Integrations → MCP. If Corexi shows red, click it for the error log. Most often: malformed JSON or missing trailing comma in mcp.json.

I lost my key

Keys are unrecoverable by design — only a salted hash is stored. Revoke the lost key and generate a new one in Settings → API Keys.

What's next

Coming next: a dedicated dashboard panel for MCP usage analytics + IDE connection status, async scan polling for long-running jobs, and a marketplace listing in Cursor. Want early access? Get in touch.