Security Context MCP Server

Security Context MCP Server

Provides instant access to authoritative security documentation from organizations like OWASP, NIST, and major cloud providers through natural language semantic search. It enables users to retrieve security best practices, frameworks, and vulnerability information directly from a locally cached knowledge base.

Category
Visit Server

README

Security Context MCP Server

An MCP (Model Context Protocol) server that provides instant access to authoritative security documentation from OWASP, NIST, AWS, Google Cloud, SANS, CIS, and other cybersecurity authorities. Think of it as having a security expert at your fingertips.

Features

  • Comprehensive Security Knowledge Base: Aggregates documentation from multiple authoritative sources
  • Semantic Search: Find relevant security guidance using natural language queries
  • Local Caching: Fast, offline-capable access to indexed documentation
  • Multiple Security Domains:
    • OWASP Top 10, Cheat Sheets
    • NIST Cybersecurity Framework, SP 800-53, SP 800-171, Zero Trust
    • AWS Security Best Practices, Well-Architected Framework
    • Google Cloud Security, BeyondCorp Zero Trust
    • SANS/CWE Top 25, CIS Controls
    • CIS Benchmarks

Installation

npm install
npm run build

Initial Setup

Before using the MCP server, fetch and index the security documentation:

npm run fetch-docs

This will:

  1. Download documentation from all configured sources
  2. Index the content for fast semantic search
  3. Cache everything locally in ~/.security-mcp/

The fetch process takes 2-5 minutes depending on your internet connection. You only need to run this once, or periodically to update the documentation.

Usage

As an MCP Server

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):

{
  "mcpServers": {
    "security-context": {
      "command": "node",
      "args": ["/path/to/security-mcp/dist/index.js"]
    }
  }
}

Or if installed globally:

{
  "mcpServers": {
    "security-context": {
      "command": "security-mcp"
    }
  }
}

Available Tools

Once configured, Claude will have access to these tools:

1. search_security_docs

Search across all security documentation using natural language.

Example queries:

  • "How do I prevent SQL injection?"
  • "What are AWS IAM best practices?"
  • "Explain zero trust architecture"
  • "NIST incident response guidelines"

Parameters:

  • query (required): Your security question or topic
  • limit (optional): Max results (default: 5)
  • source (optional): Filter to specific source (OWASP, NIST, AWS, Google, SANS, CIS)

2. get_security_context

Get comprehensive context on a topic from multiple sources.

Example:

{
  "topic": "authentication best practices"
}

Returns aggregated information from all relevant sources.

3. list_security_sources

List all available documentation sources and their categories.

4. get_owasp_top10

Get specific OWASP Top 10 vulnerability information.

Parameters:

  • category (optional): Specific category like "A01:2021 - Broken Access Control"

Examples

Example 1: Finding Security Guidance

User: "How should I secure my AWS S3 buckets?"

Claude (using search_security_docs):

Found relevant guidance from AWS Security Best Practices:

  • Enable S3 Block Public Access by default
  • Use IAM roles and policies for access control
  • Enable versioning and Object Lock
  • Implement bucket encryption [... detailed results with links ...]

Example 2: Understanding Frameworks

User: "What is NIST CSF and how do I use it?"

Claude (using get_security_context):

The NIST Cybersecurity Framework provides structured approach to managing risk... [Shows information from multiple NIST sources about CSF functions, implementation tiers, and profiles]

Example 3: Vulnerability Research

User: "Tell me about the latest OWASP Top 10"

Claude (using get_owasp_top10):

OWASP Top 10 2021 includes:

  1. A01:2021 - Broken Access Control
  2. A02:2021 - Cryptographic Failures [... detailed information about each category ...]

Architecture

Components

  • MCP Server (src/index.ts): Main server implementing MCP protocol
  • Vector Store (src/vector/simple-store.ts): TF-IDF based search with local caching
  • Document Sources (src/sources/): Fetchers for each security authority
  • Document Fetcher (src/fetcher.ts): Orchestrates downloading and indexing

Data Flow

  1. Fetch Phase: npm run fetch-docs downloads documentation from sources
  2. Index Phase: Content is processed and indexed with TF-IDF for semantic search
  3. Cache Phase: Indexed documents saved to ~/.security-mcp/documents.json
  4. Query Phase: MCP tools search the indexed cache and return relevant results

Storage

Documents are stored in: ~/.security-mcp/documents.json

To update documentation, simply run npm run fetch-docs again.

Customization

Adding New Sources

Create a new source in src/sources/:

import { DocumentSource, SecurityDocument } from "../types.js";

export class CustomSource implements DocumentSource {
  name = "CustomSource";

  async fetchDocuments(): Promise<SecurityDocument[]> {
    // Fetch and return documents
    return [];
  }
}

Then add it to src/fetcher.ts:

import { CustomSource } from "./sources/custom.js";

const sources = [
  // ... existing sources
  new CustomSource(),
];

Upgrading to Vector Embeddings

The current implementation uses TF-IDF for simplicity and zero external dependencies. For better semantic search, you can upgrade to proper embeddings:

  1. Replace SimpleVectorStore with a real vector DB (ChromaDB, Pinecone, Weaviate)
  2. Add embedding generation using:
    • OpenAI embeddings API
    • Local models via Sentence Transformers
    • Anthropic's Claude API

Updating Documentation

Security documentation changes frequently. Update your cache periodically:

npm run fetch-docs

Consider setting up a cron job to update weekly:

# Run every Sunday at 2am
0 2 * * 0 cd /path/to/security-mcp && npm run fetch-docs

Technical Details

Technologies Used

  • MCP SDK: Official Model Context Protocol implementation
  • TypeScript: Type-safe development
  • Axios & Cheerio: Web scraping and HTML parsing
  • Natural: NLP and TF-IDF search
  • PDF Parse: PDF document processing (for future enhancements)

Performance

  • Initial fetch: 2-5 minutes
  • Index size: ~2-5 MB (for all sources)
  • Search latency: <100ms (local cache)
  • Memory usage: ~50-100 MB

Limitations

  • Web scraping may break if source websites change structure
  • TF-IDF is simpler than embedding-based search
  • No automatic update mechanism (manual refresh required)
  • English language only

Troubleshooting

Documents not found

Run the fetcher to download documentation:

npm run fetch-docs

Server not connecting

Check your MCP configuration in Claude Desktop and ensure the path is correct.

Fetch errors

Some sources may be temporarily unavailable. The fetcher continues with other sources even if one fails.

Empty results

Try different query phrasings or use list_security_sources to see what's available.

Contributing

To add more security sources:

  1. Create a new source file in src/sources/
  2. Implement the DocumentSource interface
  3. Add the source to src/fetcher.ts
  4. Submit a pull request

Potential sources to add:

  • Microsoft Security Best Practices
  • Azure Security
  • PCI DSS guidelines
  • HIPAA security rules
  • ISO 27001/27002
  • SOC 2 requirements

License

MIT

Security & Privacy

  • All documentation is cached locally
  • No external API calls during query time
  • No telemetry or data collection
  • Open source and auditable

Support

For issues or questions:

  • File an issue on GitHub
  • Check the documentation
  • Review the source code

Built with ❤️ for the security community

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured