Security Scanner MCP Server

security-scanner-mcp

Installation
Add the following to your MCP client configuration file.

Configuration

```json
{
  "mcpServers": {
    "rupeedev-security-scanner-mcp": {
      "command": "npx",
      "args": [
        "@rupeshpanwar/security-scanner-mcp"
      ]
    }
  }
}
```

You can run a security-focused MCP server that analyzes code repositories for secrets, vulnerabilities, dependencies, and Git-related risks. It provides practical guidance and tooling to scan projects, check content for secrets, and receive security tips, all accessible through a lightweight MCP client.

How to use

Use a client that speaks the MCP protocol to connect to the Security Scanner MCP Server. You can perform comprehensive repository scans, check individual content for secrets, verify .gitignore patterns, and request security tips. The server exposes several tools that you can invoke through the MCP client to accomplish common security tasks.

Key workflows you can perform: scan a repository for secrets, vulnerabilities, dependencies, and git-related issues; check a snippet or file for potential secrets; validate .gitignore coverage; and fetch security best practice tips.

Here are sample command patterns you can use from the MCP client to exercise the available capabilities. These illustrate typical usage without exposing protocol internals.

```bash
# Scan a directory with summary output
security-scan scan /path/to/project

# Scan with detailed output
security-scan scan /path/to/project --format detailed

# Scan specific categories
security-scan scan /path/to/project --categories secrets vulnerabilities

# Output as JSON
security-scan scan /path/to/project --format json

# Save report to file
security-scan scan /path/to/project --format detailed > security-report.txt
```

Usage with Claude Desktop

If you use Claude Desktop, configure the MCP server in your Claude setup to enable quick, chat-driven scans.

macOS configuration:

```json
{
  "mcpServers": {
    "security-scanner": {
      "command": "npx",
      "args": ["@rupeshpanwar/security-scanner-mcp"]
    }
  }
}
```

Windows configuration:

```json
{
  "mcpServers": {
    "security-scanner": {
      "command": "npx",
      "args": ["@rupeshpanwar/security-scanner-mcp"]
    }
  }
}
```

Available tools

scan_repository

Performs a comprehensive security scan on a repository, with optional output format and category filters.

check_secret

Analyzes a piece of content to determine if it contains potential secrets or sensitive information.

check_gitignore

Analyzes a .gitignore file for missing security patterns and coverage.

get_security_tips

Provides security best practices and targeted tips for specific topics like secrets, gitignore, dependencies, and CI/CD.