azdevops-apisec-mcp-audit_v1.0.0
Verified Safeby renatogroffe
Overview
Demonstrates the integration of the APIsec MCP Audit tool within an Azure DevOps pipeline for scanning repository code and generating security reports.
Installation
No command providedSecurity Notes
The pipeline downloads and installs a third-party tool (mcp-audit) from GitHub. The security of the overall process depends on the trustworthiness of this external tool. No 'eval' or obvious malicious patterns are present in the provided YAML code. A hardcoded email 'renatogroff@gmail.com' is used for report generation, which is not a security risk in this context.
Similar Servers
sonarqube-mcp-server
The SonarQube MCP Server enables seamless integration with SonarQube Server or Cloud for code quality and security, supporting analysis of code snippets and acting as a backend for AI coding agents.
mcp-server-azure-devops
This server provides an AI agent with tools to interact with Azure DevOps services, including searching code, wikis, and work items, managing pull requests, retrieving project details, and handling pipeline operations.
mcp-audit
Security audit and governance for AI agent configurations (MCPs) in development environments and GitHub repositories.
copilot-security-instructions
This MCP server provides a toolkit to guide GitHub Copilot toward secure coding practices by offering customizable security-focused prompts and agents for integration into development workflows.