mcp-server
Verified Safeby gen0sec
Overview
Generates and validates Wirefilter WAF rules, providing security context and testing tools for AI-driven rule creation.
Installation
docker run -p 8000:8000 waf-rule-mcpEnvironment Variables
- WAF_VALIDATION_API_URL
- NUCLEI_TEMPLATES_VERSION
- NUCLEI_TEMPLATES_AUTO_UPDATE
Security Notes
The server uses `subprocess` calls for `git clone`/`pull` to fetch CVE exploit templates and `pip install` for dependency management. While used for intended functionality (fetching public security resources and self-managing dependencies), this introduces a dependency on the integrity of external repositories. It also makes external HTTP requests to a WAF validation API (`public.gen0sec.com`) and GitHub for fetching data. No obvious hardcoded secrets or malicious patterns were found. The security of WAF rule validation is dependent on the external API.
Similar Servers
mcp-scanner
A Python tool for scanning MCP (Model Context Protocol) servers and tools for potential security findings, combining Cisco AI Defense inspect API, YARA rules, and LLM-as-a-judge to detect malicious MCP tools.
tfmcp
A CLI tool enabling LLMs to interact with and manage Terraform infrastructure through the Model Context Protocol (MCP), offering advanced analysis and security features.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-server-wazuh
This Rust-based server acts as a bridge between a Wazuh SIEM system and applications requiring contextual security data, especially for AI assistants using the Model Context Protocol (MCP).