snyk/studio-mcp — reverse-engineered prompt

Build me a Go based MCP server that plugs into the Snyk CLI so I can use Snyk security scans from any tool that supports MCP. I want it to expose the main Snyk actions as MCP tools, including login, logout, auth status, version, trusting a folder, and scans for open source dependencies, code, infrastructure as code, containers, SBOM files, secret detection, AIBOM creation, and package health checks.

The server should run the right Snyk CLI commands against the current project, return results in a clean structured way that an AI tool can read easily, and surface clear errors when auth is missing or a scan needs local ecosystem tools like Gradle or Maven. Make the setup feel straightforward, with sensible defaults, basic config, startup instructions, and troubleshooting notes so someone can connect from an MCP client and start scanning quickly. Keep it solid enough for real use, and look up the current Snyk MCP docs online if you need to match expected behavior.