<h1 align="center">SecPipe</h1> <h3 align="center">AI-Powered Security Research Orchestration via MCP</h3>
<p align="center"> <a href="https://discord.gg/8XEX33UUwZ"><img src="https://img.shields.io/discord/1420767905255133267?logo=discord&label=Discord" alt="Discord"></a> <a href="LICENSE"><img src="https://img.shields.io/badge/license-BSL%201.1-blue" alt="License: BSL 1.1"></a> <a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.12%2B-blue" alt="Python 3.12+"/></a> <a href="https://modelcontextprotocol.io"><img src="https://img.shields.io/badge/MCP-compatible-green" alt="MCP Compatible"/></a> </p>
<p align="center"> <strong>Let AI agents orchestrate your security research workflows locally</strong> </p>
<p align="center"> <sub> <a href="#-overview"><b>Overview</b></a> • <a href="#-features"><b>Features</b></a> • <a href="#-mcp-security-hub"><b>Security Hub</b></a> • <a href="#-installation"><b>Installation</b></a> • <a href="USAGE.md"><b>Usage Guide</b></a> • <a href="#-contributing"><b>Contributing</b></a> </sub> </p>
🚧 SecPipe AI is under active development. Expect breaking changes and new features!
🚀 Overview
SecPipe AI is an open-source MCP server that enables AI agents (GitHub Copilot, Claude, etc.) to orchestrate security research workflows through the Model Context Protocol (MCP).
SecPipe connects your AI assistant to MCP tool hubs — collections of containerized security tools that the agent can discover, chain, and execute autonomously. Instead of manually running security tools, describe what you want and let your AI assistant handle it.
The Core: Hub Architecture
SecPipe acts as a meta-MCP server — a single MCP endpoint that gives your AI agent access to tools from multiple MCP hub servers. Each hub server is a containerized security tool (Binwalk, YARA, Radare2, Nmap, etc.) that the agent can discover at runtime.
- 🔍 Discovery: The agent lists available hub servers and discovers their tools
- 🤖 AI-Native: Hub tools provide agent context — usage tips, workflow guidance, and domain knowledge
- 🔗 Composable: Chain tools from different hubs into automated pipelines
- 📦 Extensible: Add your own MCP servers to the hub registry
🎬 Use Case: Firmware Vulnerability Research
Scenario: Analyze a firmware image to find security vulnerabilities — fully automated by an AI agent.
User: "Search for vulnerabilities in firmware.bin"
Agent → Binwalk: Extract filesystem from firmware image
Agent → YARA: Scan extracted files for vulnerability patterns
Agent → Radare2: Trace dangerous function calls in prioritized binaries
Agent → Report: 8 vulnerabilities found (2 critical, 4 high, 2 medium)
🎬 Use Case: Rust Fuzzing Pipeline
Scenario: Fuzz a Rust crate to discover vulnerabilities using AI-assisted harness generation and parallel fuzzing.
User: "Fuzz the blurhash crate for vulnerabilities"
Agent → Rust Analyzer: Identify fuzzable functions and attack surface
Agent → Harness Gen: Generate and validate fuzzing harnesses
Agent → Cargo Fuzzer: Run parallel coverage-guided fuzzing sessions
Agent → Crash Analysis: Deduplicate and triage discovered crashes
⭐ Support the Project
If you find SecPipe useful, please star the repo to support development! 🚀
<a href="https://github.com/FuzzingLabs/secpipe_ai/stargazers"> <img src="https://img.shields.io/github/stars/FuzzingLabs/secpipe_ai?style=social" alt="GitHub Stars"> </a>
✨ Features
| Feature | Description |
|---|---|
| 🤖 AI-Native | Built for MCP — works with GitHub Copilot, Claude, and any MCP-compatible agent |
| 🔌 Hub System | Connect to MCP tool hubs — each hub brings dozens of containerized security tools |
| 🔍 Tool Discovery | Agents discover available tools at runtime with built-in usage guidance |
| 🔗 Pipelines | Chain tools from different hubs into automated multi-step workflows |
| 🔄 Persistent Sessions | Long-running tools (Radare2, fuzzers) with stateful container sessions |
| 🏠 Local First | All execution happens on your machine — no cloud required |
| 🔒 Sandboxed | Every tool runs in an isolated container via Docker or Podman |
🏗️ Architecture
┌─────────────────────────────────────────────────────────────────┐
│                    AI Agent (Copilot/Claude)                    │
└───────────────────────────┬─────────────────────────────────────┘
                            │ MCP Protocol (stdio)
                            ▼
┌─────────────────────────────────────────────────────────────────┐
│                       SecPipe MCP Server                        │
│                                                                 │
│  Projects           Hub Discovery          Hub Execution        │
│ ┌──────────────┐   ┌──────────────────┐   ┌───────────────────┐ │
│ │init_project  │   │list_hub_servers  │   │execute_hub_tool   │ │
│ │set_assets    │   │discover_hub_tools│   │start_hub_server   │ │
│ │list_results  │   │get_tool_schema   │   │stop_hub_server    │ │
│ └──────────────┘   └──────────────────┘   └───────────────────┘ │
└───────────────────────────┬─────────────────────────────────────┘
                            │ Docker/Podman
                            ▼
┌─────────────────────────────────────────────────────────────────┐
│                         MCP Hub Servers                         │
│                                                                 │
│  ┌───────────┐   ┌───────────┐   ┌───────────┐   ┌───────────┐  │
│  │  Binwalk  │   │   YARA    │   │  Radare2  │   │   Nmap    │  │
│  │  6 tools  │   │  5 tools  │   │ 32 tools  │   │  8 tools  │  │
│  └───────────┘   └───────────┘   └───────────┘   └───────────┘  │
│  ┌───────────┐   ┌───────────┐   ┌───────────┐   ┌───────────┐  │
│  │  Nuclei   │   │  SQLMap   │   │   Trivy   │   │    ...    │  │
│  │  7 tools  │   │  8 tools  │   │  7 tools  │   │  36 hubs  │  │
│  └───────────┘   └───────────┘   └───────────┘   └───────────┘  │
└─────────────────────────────────────────────────────────────────┘
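The discover-then-execute flow in the diagram above and the chained firmware use case, as an added example that is not SecPipe's own code: a minimal meta-MCP router in Python that answers the MCP `tools/list` and `tools/call` JSON-RPC methods, routes `execute_hub_tool` to a constructed hub registry (stand-ins for Binwalk, YARA and Radare2, not the real containers), refuses any call whose arguments do not match the tool's declared inputs before it is forwarded, and chains three calls into the Binwalk → YARA → Radare2 pipeline. The hub tool names (`extract`, `scan`, `trace_calls`), their schemas, the `/work/rootfs` paths and the output strings are assumptions made for the example.

```python
import json
from typing import Any

# Constructed hub registry modelled on the README diagram: hub -> tool -> input schema
# (key -> expected type) plus a "run" stand-in for the containerized tool (constructed text).
HUBS: dict[str, dict[str, dict[str, Any]]] = {
    "binwalk": {"extract": {"schema": {"path": str}, "run": lambda a: f"rootfs from {a['path']} -> /work/rootfs"}},
    "yara": {"scan": {"schema": {"path": str, "rules": str}, "run": lambda a: f"{a['rules']}: 2 hits in {a['path']}"}},
    "radare2": {"trace_calls": {"schema": {"binary": str}, "run": lambda a: f"strcpy/system xrefs in {a['binary']}"}},
}
ROUTER_TOOLS = ["list_hub_servers", "discover_hub_tools", "execute_hub_tool"]

def handle(req: dict[str, Any]) -> dict[str, Any]:
    """Dispatch one JSON-RPC 2.0 MCP request (tools/list or tools/call) the way a meta-MCP
    server does: router tools are answered locally, hub tools are routed by hub and name."""
    rid, params = req.get("id"), req.get("params", {})
    ok = lambda text: {"jsonrpc": "2.0", "id": rid, "result": {"content": [{"type": "text", "text": text}]}}
    err = lambda code, msg: {"jsonrpc": "2.0", "id": rid, "error": {"code": code, "message": msg}}
    if req.get("method") == "tools/list":
        return {"jsonrpc": "2.0", "id": rid, "result": {"tools": [{"name": n} for n in ROUTER_TOOLS]}}
    if req.get("method") != "tools/call":
        return err(-32601, "method not found")
    name, args = params.get("name"), params.get("arguments", {})
    if name == "list_hub_servers":
        return ok(json.dumps(sorted(HUBS)))
    if name == "discover_hub_tools":
        return ok(json.dumps(sorted(HUBS[args["hub"]]))) if args.get("hub") in HUBS else err(-32602, "unknown hub")
    tool = HUBS.get(args.get("hub", ""), {}).get(args.get("tool", ""))
    if name != "execute_hub_tool" or tool is None:
        return err(-32602, "unknown router tool, hub or hub tool")
    # Validate the agent-supplied arguments against the tool's declared inputs before
    # anything is forwarded into a container: no missing, extra or mistyped keys.
    given, schema = args.get("arguments", {}), tool["schema"]
    if not isinstance(given, dict) or set(given) != set(schema):
        return err(-32602, f"arguments must be exactly {sorted(schema)}")
    bad = [k for k, t in schema.items() if not isinstance(given[k], t)]
    return err(-32602, f"wrong type for {bad}") if bad else ok(tool["run"](given))

def firmware_pipeline(image: str) -> list[str]:
    """The README's firmware scenario as chained execute_hub_tool calls; fails fast on any error."""
    steps = [("binwalk", "extract", {"path": image}), ("yara", "scan", {"path": "/work/rootfs", "rules": "vuln-patterns"}),
             ("radare2", "trace_calls", {"binary": "/work/rootfs/bin/httpd"})]
    out = []
    for i, (hub, tool, a) in enumerate(steps, 1):
        r = handle({"jsonrpc": "2.0", "id": i, "method": "tools/call",
                    "params": {"name": "execute_hub_tool", "arguments": {"hub": hub, "tool": tool, "arguments": a}}})
        if "error" in r:
            raise RuntimeError(f"step {i} {hub}.{tool}: {r['error']['message']}")
        out.append(r["result"]["content"][0]["text"])
    return out
```

A real SecPipe deployment would forward the validated call over stdio to the hub container; here the stand-in `run` callables return constructed text so the routing and the fail-fast chaining can be exercised offline.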
🔧 MCP Security Hub
SecPipe ships with built-in support for the MCP Security Hub — a collection of 36 production-ready, Dockerized MCP servers covering offensive security:
| Category | Servers | Examples |
|---|---|---|
| 🔍 Reconnaissance | 8 | Nmap, Masscan, Shodan, WhatWeb |
| 🌐 Web Security | 6 | Nuclei, SQLMap, ffuf, Nikto |
| 🔬 Binary Analysis | 6 | Radare2, Binwalk, YARA, Capa, Ghidra |
| ⛓️ Blockchain | 3 | Medusa, Solazy, DAML Viewer |
| ☁️ Cloud Security | 3 | Trivy, Prowler, RoadRecon |
| 💻 Code Security | 1 | Semgrep |
| 🔑 Secrets Detection | 1 | Gitleaks |
| 💥 Exploitation | 1 | SearchSploit |
| 🎯 Fuzzing | 2 | Boofuzz, Dharma |
| 🕵️ OSINT | 2 | Maigret, DNSTwist |
| 🛡️ Threat Intel | 2 | VirusTotal, AlienVault OTX |
| 🏰 Active Directory | 1 | BloodHound |
185+ individual tools accessible through a single MCP connection.
The hub is open source and can be extended with your own MCP servers. See the mcp-security-hub repository for details.
📦 Installation
Prerequisites
- Python 3.12+
- uv package manager
- Docker (Install Docker) or Podman
Quick Install
# Clone the repository
git clone https://github.com/FuzzingLabs/secpipe_ai.git
cd secpipe_ai
# Install dependencies
uv sync
Link the Security Hub
# Clone the MCP Security Hub
git clone https://github.com/FuzzingLabs/mcp-security-hub.git ~/.secpipe/hubs/mcp-security-hub
# Build the Docker images for the hub tools
./scripts/build-hub-images.sh
Or use the terminal UI (uv run secpipe ui) to link hubs interactively.
Configure MCP for Your AI Agent
# For GitHub Copilot
uv run secpipe mcp install copilot
# For Claude Code (CLI)
uv run secpipe mcp install claude-code
# For Claude Desktop (standalone app)
uv run secpipe mcp install claude-desktop
# Verify installation
uv run secpipe mcp status
Restart your editor, and your AI agent will have access to SecPipe tools!
🧑‍💻 Usage
Once installed, just talk to your AI agent:
"What security tools are available?"
"Scan this firmware image for vulnerabilities"
"Analyze this binary with radare2"
"Run nuclei against https://example.com"
The agent will use SecPipe to discover the right hub tools, chain them into a pipeline, and return results — all without you touching a terminal.
See the Usage Guide for detailed setup and advanced workflows.
📁 Project Structure
secpipe_ai/
├── secpipe-mcp/ # MCP server — the core of SecPipe
├── secpipe-cli/ # Command-line interface & terminal UI
├── secpipe-common/ # Shared abstractions (containers, storage)
├── secpipe-runner/ # Container execution engine (Docker/Podman)
├── secpipe-tests/ # Integration tests
├── mcp-security-hub/ # Default hub: 36 offensive security MCP servers
└── scripts/ # Hub image build scripts
🤝 Contributing
We welcome contributions from the community!
- 🐛 Report bugs via GitHub Issues
- 💡 Suggest features or improvements
- 🔧 Submit pull requests
- 🔌 Add new MCP servers to the Security Hub
See CONTRIBUTING.md for guidelines.
📄 License
BSL 1.1 - See LICENSE for details.
<p align="center"> <strong>Maintained by <a href="https://fuzzinglabs.com">FuzzingLabs</a></strong> <br> </p>