mcp-server
Verified Safeby gen0sec
Overview
Provides tools and context for LLMs to generate and validate Wirefilter WAF rules based on natural language descriptions or CVE identifiers, integrating with external vulnerability databases.
Installation
docker run -p 8000:8000 waf-rule-mcpEnvironment Variables
- WAF_VALIDATION_API_URL
- NUCLEI_TEMPLATES_VERSION
- NUCLEI_TEMPLATES_AUTO_UPDATE
- NUCLEI_OPENSOURCE_ENABLED
- NUCLEI_OPENSOURCE_PRIORITY
- PROJECTDISCOVERY_ENABLED
- PROJECTDISCOVERY_API_KEY
- PROJECTDISCOVERY_PRIORITY
Security Notes
The server uses `subprocess.run` to interact with `git` for repository cloning/pulling, which, while commands are hardcoded, relies on `repo_url` from configuration. It also makes external HTTP requests to a configurable WAF validation API and ProjectDiscovery API. Malicious configuration of `WAF_VALIDATION_API_URL` or `PROJECTDISCOVERY_API_KEY` could lead to data exfiltration or other network-based attacks. No 'eval' or obvious obfuscation was found, and sensitive API keys are expected to be configured by the user via environment variables or a YAML file.
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-server-wazuh
This Rust-based server acts as a bridge between a Wazuh SIEM system and applications requiring contextual security data, especially for AI assistants using the Model Context Protocol (MCP).
webscraping-ai-mcp-server
Integrates with WebScraping.AI to provide LLM-powered web data extraction, including question answering, structured data extraction, and HTML/text retrieval, with advanced features like JavaScript rendering and proxy management.