security-scanner-mcp
Verified Safe
by marc-shade
Overview
Provides comprehensive security scanning capabilities for targets and cluster nodes using Nuclei, integrated with an Agentic System for autonomous vulnerability management.
Installation
${AGENTIC_SYSTEM_PATH:-/opt/agentic}/.venv/bin/python -m security_scanner.server
Environment Variables
- NUCLEI_BIN
- SCAN_RESULTS_DIR
- AGENTIC_SYSTEM_PATH
- CLUSTER_NODES_JSON
Security Notes
The server executes external commands via `asyncio.create_subprocess_exec`, which is generally safer than shell-based execution as arguments are passed as a list. However, parameters like `target` and `severity` are directly passed to the Nuclei binary without explicit input validation in the Python code. While Nuclei is expected to handle its arguments safely, crafted inputs could potentially lead to unexpected behavior. The `SCAN_RESULTS_DIR` and `NUCLEI_BIN` paths are configurable via environment variables, which is standard but means their security depends on the environment's integrity. No 'eval', obfuscation, or hardcoded secrets were found. The tool is designed to run a powerful scanner, so inherent risks related to network traffic generation and resource usage should be acknowledged.
Similar Servers
burp-mcp-agents
Connects Burp Suite MCP Server to AI backends (Codex, Gemini, Ollama, LM Studio) for assisted, non-destructive vulnerability analysis using real Burp traffic.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.
mcp-cybersec-watchdog
A Linux server security auditing and continuous monitoring tool that provides security posture analysis and anomaly detection capabilities, designed to be integrated with AI agents.