MCP Security Scanner

by aws-samples · security · mcp-server, glama

Integrates Checkov, Semgrep, Bandit, and ASH to provide comprehensive code security analysis for AI coding assistants.

Source: https://github.com/aws-samples/sample-mcp-security-scanner

Install

git clone https://github.com/aws-samples/sample-mcp-security-scanner

Source: glama

About security MCP servers and Claude skills

Security MCP servers let agents scan dependencies, audit logs, check for vulnerabilities, and enforce policy guardrails. Critical for any agent that touches production.

MCP Security Scanner is one of hundreds of security entries indexed on Skiln.

Related security MCPs and skills

  • Lanalyzer MCP Server by hkxiaoyao

    Enables AI models to perform static taint analysis on Python code, detecting security vulnerabilities by tracking data flows from sources to sinks.

  • Burp Suite MCP Analyzer by sklnhunt

    An MCP server that lets AI assistants analyze Burp Suite XML exports offline, without running Burp. Provides 19 tools for mapping endpoints, finding secrets, detecting vulnerabilities, analyzing headers, exporting curl commands, and generating pentest reports.

  • solidity-auditor-mcp by uitkhoanna

    Audits Ethereum/Solidity smart contracts using the Cysic Minimax model, providing automated vulnerability detection, gas optimization suggestions, and markdown report generation.

  • Burp Suite MCP Server by N0el4kLs

    Enables LLMs to query and retrieve data from Burp Suite proxy history using SQL-like syntax, aiding security researchers in efficient analysis.

  • zk-circuit-auditor-mcp by uitkhoanna

    An MCP server that audits zero-knowledge circuits (Circom, Noir, Halo2) for soundness and constraint bugs, powered by the Cysic Minimax model.

  • sshops by LckAndLove

    A lightweight, zero-agent SSH operations tool that enables remote command execution, file transfer, and audit logging. It integrates as an MCP server for AI-driven infrastructure management.

  • CodeAudit Agent by nimra-pixel

    MCP server for AI-powered code security, quality, and performance review. Enables auditing code directly from VS Code via right-click or MCP tools.

  • lso-mcp by Homie4570

    38 AI data tools for Claude and any MCP-compatible agent — crypto, DeFi, equities, commodities, energy, real estate, government intelligence, security audits, and more.

Frequently asked questions

How do I install MCP Security Scanner?

Add the install command above to your Claude Code, Cursor, or Windsurf MCP configuration. Most servers register via npx, a local command, or a Docker image. Refer to the source repository for environment variables and credential requirements.

Which clients support MCP Security Scanner?

Any MCP-compatible client works: Claude Desktop, Claude Code CLI, Cursor, Windsurf, Zed, and VS Code with the official MCP extension. OpenAI Codex and GitHub Copilot increasingly support MCP via adapter bridges.

Is MCP Security Scanner free?

The server itself is typically open source. Any upstream service (API keys, paid tiers, hosted infrastructure) may have its own pricing. Check the source repository for details.