Sparrow launches MCP-based AI-generated code security assistant

Application security company Sparrow said on Tuesday it has launched an AI-generated code security assistant, Sparrow MCP, to help AI models generate secure code.

Sparrow is moving to fully pursue an MCP (Model Context Protocol)-based application security business, in step with shifts in the development paradigm driven by the spread of AI.

MCP is a standard protocol announced by Anthropic. It supports AI models in communicating with external data or tools in a standardised way.

Development using AI coding agents such as Claude Code and Cursor has recently spread, sharply improving productivity and speed. At the same time, securing that code just as quickly has emerged as a new task. Large language models generate code based on training data, and security weaknesses or vulnerable open-source libraries included in that data can be carried over as-is into source code under development. In many cases, AI-generated code includes security vulnerabilities, posing a risk of later being exploited as an attack path.

Sparrow said Sparrow MCP links AI coding agents with its security solutions to analyse and verify source code and open-source components as soon as code is generated. It said the product identifies open-source software components used in code and provides licence and vulnerability information. It also said it can generate an SBOM (software bill of materials) to visualise components, helping users comply with licence policies and prevent supply chain risks in advance.

Sparrow CEO Il-soo Jang (장일수) said, "In an environment where AI generates code in real time, proactive security that verifies vulnerabilities and open-source libraries as soon as code is written is essential." He added, "Sparrow MCP supports companies in maximising development productivity while also ensuring code safety by embedding security within AI development workflows."

Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.