Delv
IDEby Cline Labs4.3

Cline

The open-source VS Code extension that turns your editor into a full coding agent. Actively developed, large MCP ecosystem.

Homepage MCP docs Source
B
Safety & Trust

Delv Safety Grade: B

Score 72/100 · assessed 2026-04-19

Maintainer65
Permissions40
Supply chain85
Transparency90
Incidents100

Cline is an open-source VS Code extension that functions as an autonomous coding agent with full MCP client support. It's transparently developed with active maintenance and good documentation. The project is distributed via VS Code Marketplace with standard supply-chain practices. However, as an IDE extension hosting arbitrary MCP servers, Cline inherently operates with very broad permissions: filesystem write/delete across your workspace, shell execution for running commands and tests, and network access for API calls. The maintainer is a smaller independent team rather than a major vendor, which affects the bus factor. No security incidents are known. The transparency is excellent with open source, clear docs, and active development. The core risk is the permission scope required for a coding agent to function effectively.

Green flags

  • Fully open source with active development and community
  • Excellent documentation including MCP integration guides
  • Standard VS Code Marketplace distribution with versioning
  • Large ecosystem adoption, actively maintained
  • No known security incidents or credential leaks

Red flags

  • Full filesystem write/delete access across workspace directories
  • Unrestricted shell execution for running tests and build commands
  • Smaller independent maintainer team, higher bus factor risk
  • Hosts arbitrary third-party MCP servers with their own permission sets

Permissions requested

Read filesWrite filesDelete filesShell executeOutbound networkRead envExternal LLM call
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

MCP capabilities

  • Tools
  • Resources
  • Prompts
  • Sampling

Platforms

macOSWindowsLinux

Config location

Via the Cline sidebar -> MCP Servers

Review

I've been running Cline as my daily driver for three months, and it's the most complete open-source coding agent I've found. It lives in VS Code's sidebar, which means you're already in your editor when the agent suggests changes. No context-switching to a separate chat window, no copy-paste dance. You point it at a task, it reads your codebase, writes code, runs terminal commands, and iterates until the tests pass. The MCP support is genuinely good. Configuration happens through Cline's sidebar UI, which is friendlier than editing JSON files by hand. It supports tools and resources, which covers most practical MCP servers. No prompts or sampling yet, but I've never missed them. I've connected it to filesystem servers, database query tools, and a custom API documentation server without friction. What sets Cline apart is the execution model. It doesn't just suggest code, it applies diffs directly to your files and can run shell commands with your approval. I've used it to scaffold entire features: "Add user authentication with JWT tokens and write integration tests." It reads the existing auth patterns in my codebase, writes the middleware, updates routes, generates tests, runs them, fixes failures, and commits when done. The approval gates are sensible: you review each file change and each terminal command before it runs. The rough edges are real. It sometimes gets stuck in loops when tests fail in unexpected ways. The token usage can spike on large codebases because it re-reads context frequently. And the UI occasionally lags when processing long responses. But the project moves fast. I've seen two of my early complaints fixed in monthly updates. Compared to Claude Desktop's MCP support, Cline is narrower but deeper. Claude Desktop is a general chat interface that happens to support MCP. Cline is a coding agent that uses MCP to extend what it can do inside your editor. If you're writing code, Cline's integration is tighter. If you're doing research or writing, Claude Desktop is better. I reach for Cline when I need to ship features, not when I need to think through architecture. It's best at well-defined tasks in codebases it can read in full. Point it at a monorepo with 500 files and it struggles. Point it at a focused service and it's frighteningly effective.
Verdict

Best MCP client for developers who live in VS Code and want an agent that writes, tests, and iterates on code without leaving the editor. Skip it if you need a general-purpose AI assistant or work in massive codebases.

Good at

  • Tight VS Code integration means no context-switching during development
  • Executes code changes and terminal commands directly with approval gates
  • MCP configuration through sidebar UI, not manual JSON editing
  • Actively developed with monthly feature releases and bug fixes
  • Large ecosystem of compatible MCP servers already tested by community

Watch out

  • Can loop endlessly when test failures are ambiguous
  • High token usage on large codebases due to frequent context re-reading
  • UI lag during long response processing
  • No support for MCP prompts or sampling capabilities yet
  • Struggles with monorepos or projects over a few hundred files