How to add MK QA Master to Windsurf
Universal MCP server that drives your test suite end-to-end: run pytest/Jest/Cypress/Go/Maestro, analyze pages, generate tests, and advise. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 14, 2026 · 37★ · stdio · no auth
Windsurf config for MK QA Master
uvx mk-qa-master{
"mcpServers": {
"mk-qa-master": {
"command": "uvx",
"args": [
"mk-qa-master"
],
"env": {
"QA_RUNNER": "pytest",
"QA_PROJECT_ROOT": "/path/to/your-test-project"
}
}
}
}Requires `uv` (the Python package runner). Install it from https://docs.astral.sh/uv/ if `uvx` is not found.
Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the MK QA Master config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5MK QA Master's tools become available to Cascade.
Before you start
- uv (for the recommended uvx zero-install path) or Python 3 with pip
- QA_RUNNER and QA_PROJECT_ROOT environment variables
- Per-runner deps: pytest-playwright + 'playwright install chromium' for pytest; a Node project with jest/cypress installed; Go toolchain for go; Maestro CLI + a booted simulator/emulator/device for maestro
- API runners: 'pip install mk-qa-master[api]' for Schemathesis; 'npm install -g newman' for Newman
- Edge runner: 'pip install mk-qa-master[edge]' + ffmpeg + mediamtx on PATH
What MK QA Master can do in Windsurf
get_runner_infoReport which test runner is active plus all available runners.
list_testsEnumerate the tests in the project under test.
run_testsRun tests with optional filter / headed / browser options (headed and browser are pytest-playwright only).
run_failedRe-run only the last failures (pytest --lf).
get_test_reportReturn a summary: pass / fail / skipped / duration / flaky-in-run.
get_failure_detailsPer-failure message plus paths to screenshot, Playwright trace, and video.
generate_testGenerate a test skeleton; with a module from analyze_url/analyze_screen, writes a runnable Playwright .py or Maestro .yaml with concrete selectors.
auto_generate_testsOne-shot: analyze a URL then generate one test per discovered module.
Security
The AI Visual Challenge Solver (reCAPTCHA/hCaptcha) and the OWASP API Security scanner are dangerous capabilities and are disabled by default. They require explicit opt-in env vars: QA_VISUAL_CHALLENGE_CONSENT=true and QA_API_SECURITY_CONSENT=true respectively, plus per-call confirmation. Authorized-domain allowlists (QA_VISUAL_CHALLENGE_AUTHORIZED_DOMAINS, QA_API_SECURITY_AUTHORIZED_DOMAINS) restrict where they operate; hard-stop blacklists refuse known identity providers and camera-vendor hosts. The security scanner runs adversarial test cases and the mass_assignment rule mutates server state — never point it at systems you do not own or are not authorized to test. Secrets in env (auth headers, tokens) are redacted from archived reports by default unless QA_NO_REDACT=1.
MK QA Master + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the MK QA Master config there under the "mcpServers" key and restart the client.
Is MK QA Master safe to use with Windsurf?
The AI Visual Challenge Solver (reCAPTCHA/hCaptcha) and the OWASP API Security scanner are dangerous capabilities and are disabled by default. They require explicit opt-in env vars: QA_VISUAL_CHALLENGE_CONSENT=true and QA_API_SECURITY_CONSENT=true respectively, plus per-call confirmation. Authorized-domain allowlists (QA_VISUAL_CHALLENGE_AUTHORIZED_DOMAINS, QA_API_SECURITY_AUTHORIZED_DOMAINS) restrict where they operate; hard-stop blacklists refuse known identity providers and camera-vendor hosts. The security scanner runs adversarial test cases and the mass_assignment rule mutates server state — never point it at systems you do not own or are not authorized to test. Secrets in env (auth headers, tokens) are redacted from archived reports by default unless QA_NO_REDACT=1.
How do I choose which test framework runs?
Set the QA_RUNNER env var to one of pytest / jest / cypress / go / maestro / schemathesis / newman / edge, and QA_PROJECT_ROOT to the project under test. Each runner has its own prerequisites (e.g. 'playwright install chromium' for pytest-playwright, 'npm install -g newman' for Newman).
Is the CAPTCHA solver enabled by default?
No. Both inspect_visual_challenge and solve_visual_challenge return a consent_required error until you set QA_VISUAL_CHALLENGE_CONSENT=true, and solving requires per-call confirm=true. It also refuses hard-stop domains like known identity providers regardless of consent.
Does it bundle JIRA/Slack/GitHub integrations?
No — it stays a pure test-execution and analysis layer. You compose workflows by running other MCP servers (Atlassian, Slack, GitHub, Sentry, Filesystem) side-by-side in the same client config and letting the AI client orchestrate the chain across servers.