Security Scanner MCP Server

Security Scanner MCP Server

Enables comprehensive vulnerability scanning using Nuclei scanner with support for single targets, network ranges, and cluster-wide security assessments with customizable severity levels and automated scheduling.

Category
Visit Server

README

Security Scanner MCP Server

MCP Python-3.10+ License Part of Agentic System

Comprehensive security scanning using Nuclei vulnerability scanner with cluster-wide capabilities.

Part of the Agentic System - a 24/7 autonomous AI framework with persistent memory.

Comprehensive security scanning integration using Nuclei vulnerability scanner with cluster-wide capabilities.

Features

  • Single Target Scanning: Scan individual URLs or IPs with customizable severity and templates
  • Network Scanning: Batch scan multiple targets or CIDR ranges
  • Cluster Integration: Scan all nodes in the agentic cluster
  • Template Management: List, filter, and update Nuclei templates
  • Scan History: Retrieve and analyze previous scan results
  • Scheduled Scans: Configure periodic security assessments
  • Multiple Output Formats: JSON, JSONL, or Markdown reports

Installation

cd ${AGENTIC_SYSTEM_PATH:-/opt/agentic}/mcp-servers/security-scanner-mcp
source ${AGENTIC_SYSTEM_PATH:-/opt/agentic}/.venv/bin/activate
pip install -e .

MCP Configuration

Add to ~/.claude.json:

{
  "mcpServers": {
    "security-scanner": {
      "command": "${AGENTIC_SYSTEM_PATH:-/opt/agentic}/.venv/bin/python",
      "args": ["-m", "security_scanner.server"],
      "env": {
        "NUCLEI_BIN": "${HOME}/go/bin/nuclei",
        "SCAN_RESULTS_DIR": "${AGENTIC_SYSTEM_PATH:-/opt/agentic}/security-scans"
      }
    }
  }
}

Available Tools

scan_target

Scan a single target with Nuclei vulnerability scanner.

Parameters:

  • target (required): URL or IP address
  • severity: Array of severity levels ["info", "low", "medium", "high", "critical"]
  • templates: Specific template paths or tags
  • rate_limit: Requests per second (default: 150)
  • timeout: Scan timeout in seconds (default: 300)
  • output_format: "json", "jsonl", or "markdown"

Example:

{
  "target": "https://example.com",
  "severity": ["high", "critical"],
  "rate_limit": 100
}

scan_network

Scan multiple targets from a list or CIDR range.

Parameters:

  • targets: Array of target URLs/IPs
  • target_file: Path to file with targets (one per line)
  • severity: Severity filter
  • parallel: Number of concurrent scans (default: 5)
  • rate_limit: Requests per second per target

scan_cluster_nodes

Scan all nodes in the agentic cluster for vulnerabilities.

Parameters:

  • scan_type: "network", "web", "api", or "full"
  • severity: Severity levels to check

list_templates

List available Nuclei templates by tag, severity, or author.

Parameters:

  • tag: Filter by tag (e.g., "cve", "exposure")
  • severity: Filter by severity level
  • author: Filter by template author

update_templates

Update Nuclei templates to the latest version.

get_scan_results

Retrieve results from a previous scan by scan_id.

Parameters:

  • scan_id (required): Scan identifier
  • limit: Max results to return (default: 100)
  • severity: Filter by severity levels

list_scans

List all previous security scans.

Parameters:

  • limit: Maximum number of scans to return
  • target: Filter by target

schedule_periodic_scan

Schedule recurring security scans (requires agent runtime).

Parameters:

  • targets (required): List of targets to scan
  • interval_hours: Scan interval (default: 24)
  • severity_threshold: Minimum severity to report (default: "medium")
  • notify_on_new: Alert on new vulnerabilities (default: true)

Integration with Agentic System

Cluster-Wide Scanning

The security scanner automatically detects and scans all nodes in the agentic cluster. Cluster nodes are loaded from configuration:

  • builder - Linux build node
  • orchestrator - Coordination node
  • coordinator - Multi-node coordinator
  • files - File server

Autonomous Agent Integration

Combine with the autonomous security scanning agent for:

  • Automated vulnerability assessment
  • Continuous security monitoring
  • Intelligent threat prioritization
  • Automatic remediation recommendations

Enhanced Memory Integration

Scan results are stored in enhanced-memory for:

  • Historical vulnerability tracking
  • Pattern recognition across scans
  • Causal relationship analysis
  • Learning from remediation outcomes

Scan Results

Results are stored in ${AGENTIC_SYSTEM_PATH:-/opt/agentic}/security-scans/:

  • scan_YYYYMMDD_HHMMSS_ID.json - Scan findings
  • scan_YYYYMMDD_HHMMSS_ID_metadata.json - Scan metadata

Example Usage

Scan a single target

# Via Claude Code
scan_target({
  "target": "192.0.2.196",
  "severity": ["high", "critical"],
  "templates": ["network", "exposure"]
})

Scan entire cluster

scan_cluster_nodes({
  "scan_type": "full",
  "severity": ["medium", "high", "critical"]
})

Review previous scans

list_scans({"limit": 10})
get_scan_results({"scan_id": "scan_20251118_110000_1234"})

Security Considerations

  • Scans generate network traffic - coordinate with network admin
  • Rate limiting prevents overwhelming targets
  • Results may contain sensitive information - restrict access
  • Authorized scanning only - verify permission before scanning external targets

Dependencies

  • Nuclei v3.5.1+
  • Python 3.10+
  • asyncio
  • aiofiles
  • pydantic

References

License

MIT License - Part of the Mac Pro 5,1 Agentic System

Part of the MCP Ecosystem

This server integrates with other MCP servers for comprehensive AGI capabilities:

Server Purpose
enhanced-memory-mcp 4-tier persistent memory with semantic search
agent-runtime-mcp Persistent task queues and goal decomposition
agi-mcp Full AGI orchestration with 21 tools
cluster-execution-mcp Distributed task routing across nodes
node-chat-mcp Inter-node AI communication
ember-mcp Production-only policy enforcement

See agentic-system-oss for the complete framework.

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured