vulnerability-scanner-mcp

rishidandu/vulnerability-scanner-mcp

3.1

If you are the rightful owner of vulnerability-scanner-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

The Vulnerability Detection MCP Server is a comprehensive tool designed to identify security vulnerabilities in code and facilitate LLM-assisted remediation, integrating seamlessly with 'vibe coding' workflows.

Tools
3
Resources
0
Prompts
0

Vulnerability Detection MCP Server

A comprehensive Model Context Protocol (MCP) server for detecting security vulnerabilities in code and requesting LLM-assisted remediation. This tool is designed to integrate with "vibe coding" workflows to catch dangerous patterns before they make it into production.

Features

  • Multi-language Support: Detects vulnerabilities in Python, JavaScript/TypeScript, Java, PHP, C#, Ruby, Go, and more
  • Comprehensive Detection: Identifies SQL injection, XSS, command injection, path traversal, hardcoded secrets, insecure randomization, and unsafe deserialization
  • AST Analysis: Advanced Python analysis using Abstract Syntax Trees for more accurate detection
  • Scalable Architecture: Plugin system for custom rules and language-specific detectors
  • LLM Integration: Generates prompts for code regeneration when vulnerabilities are found
  • Configurable: Flexible configuration system with severity filtering and custom rules
  • Fast Scanning: Optimized pattern matching with context capture

Vulnerability Types Detected

Critical Severity

  • SQL Injection: Direct string concatenation, format strings in SQL queries
  • Command Injection: Unsafe system command execution with user input
  • Code Injection: Use of eval(), exec() with user input
  • Unsafe Deserialization: pickle.loads(), unsafe YAML loading
  • Hardcoded API Keys: API keys, tokens, and secrets in source code

High Severity

  • XSS Vulnerabilities: innerHTML assignments, unsafe DOM manipulation
  • Path Traversal: File operations with unvalidated user paths
  • Hardcoded Passwords: Database passwords and authentication secrets
  • Subprocess Shell Injection: subprocess calls with shell=True

Medium Severity

  • Insecure Random: Using random module or Math.random() for security
  • Weak Cryptography: Deprecated or weak cryptographic functions

Low Severity

  • Information Disclosure: Debug mode enabled, verbose error messages
  • Missing Security Headers: Missing CSRF protection, security headers

Installation

# Clone the repository
git clone <repository-url>
cd vulnerability-detection-mcp-server

# Install dependencies
pip install -e .

# Or install development dependencies
pip install -e ".[dev]"

Usage

As an MCP Server

The server can be integrated with any MCP-compatible client:

# Start the server
python -m vulnerability_mcp_server.main

Configuration

Create a vulnerability_config.json file:

{
  "enabled_vulnerability_types": [
    "sql_injection",
    "xss",
    "command_injection",
    "path_traversal",
    "hardcoded_secrets"
  ],
  "minimum_severity": "medium",
  "max_file_size_mb": 10,
  "timeout_seconds": 30,
  "enable_ast_analysis": true,
  "max_concurrent_scans": 4
}

Available Tools

scan_code

Scan a single code snippet for vulnerabilities:

{
  "name": "scan_code",
  "arguments": {
    "code": "SELECT * FROM users WHERE id = " + user_id,
    "language": "python",
    "min_severity": "medium",
    "use_ast": true
  }
}
batch_scan

Scan multiple files simultaneously:

{
  "name": "batch_scan",
  "arguments": {
    "files": [
      {
        "code": "vulnerable code here",
        "file_path": "app.py",
        "language": "python"
      }
    ],
    "min_severity": "high"
  }
}
request_regeneration

Generate an LLM prompt for secure code regeneration:

{
  "name": "request_regeneration",
  "arguments": {
    "original_code": "vulnerable code",
    "vulnerabilities": [/* vulnerability objects */],
    "language": "python"
  }
}

Plugin System

Create custom vulnerability detection plugins:

from vulnerability_mcp_server.plugin_system import BaseVulnerabilityPlugin
from vulnerability_mcp_server.rules import VulnerabilityPattern, VulnerabilityType, Severity

class MyCustomPlugin(BaseVulnerabilityPlugin):
    @property
    def name(self) -> str:
        return "my_custom_rules"
    
    @property
    def version(self) -> str:
        return "1.0.0"
    
    @property
    def supported_languages(self) -> List[str]:
        return ["python", "javascript"]
    
    def get_rules(self) -> List[VulnerabilityPattern]:
        return [
            VulnerabilityPattern(
                name="custom_rule",
                pattern=re.compile(r'dangerous_function\(.*\)'),
                vulnerability_type=VulnerabilityType.XSS,
                severity=Severity.HIGH,
                description="Custom dangerous function detected",
                fix_suggestion="Use safe alternative",
                languages=["python"]
            )
        ]

Examples

Basic Vulnerability Detection

from vulnerability_mcp_server.detector import VulnerabilityDetector

detector = VulnerabilityDetector()

vulnerable_code = '''
def get_user(user_id):
    query = "SELECT * FROM users WHERE id = " + user_id
    return db.execute(query)
'''

result = detector.scan_code(vulnerable_code, "example.py", "python")

for vuln in result.vulnerabilities:
    print(f"Found {vuln.vulnerability_type.value} at line {vuln.line_number}")
    print(f"Severity: {vuln.severity.value}")
    print(f"Fix: {vuln.fix_suggestion}")

Integration with LLM Workflows

  1. Detection Phase: Scan code for vulnerabilities
  2. Alert Phase: Surface issues to the user with context
  3. Regeneration Phase: Request LLM to fix the code
  4. Verification Phase: Re-scan the generated code
# 1. Detect vulnerabilities
result = detector.scan_code(user_code)

if result.vulnerabilities:
    # 2. Generate regeneration prompt
    prompt = create_regeneration_prompt({
        "original_code": user_code,
        "vulnerabilities": [asdict(v) for v in result.vulnerabilities],
        "language": result.language
    })
    
    # 3. Send to LLM for regeneration
    # (Integration with your LLM client)
    
    # 4. Verify the fixed code
    fixed_result = detector.scan_code(llm_response)

Testing

Run the test suite:

# Run all tests
pytest

# Run with coverage
pytest --cov=vulnerability_mcp_server

# Run specific test file
pytest tests/test_detector.py -v

Performance

  • Scanning Speed: ~1000 lines/second for regex-based detection
  • AST Analysis: ~500 lines/second for Python AST scanning
  • Memory Usage: <50MB for typical codebases
  • Scalability: Supports concurrent scanning of multiple files

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Add tests for new functionality
  4. Ensure all tests pass
  5. Submit a pull request

Adding New Vulnerability Rules

  1. Add patterns to vulnerability_mcp_server/rules.py
  2. Create tests in tests/test_detector.py
  3. Update documentation

Creating Plugins

  1. Extend BaseVulnerabilityPlugin
  2. Add to the plugin directory
  3. Register with the plugin manager

Security Considerations

  • This tool is designed for defensive security only
  • It helps identify vulnerabilities, not exploit them
  • All detection patterns are based on publicly known security best practices
  • The tool does not execute or modify the scanned code

License

MIT License - see LICENSE file for details

Roadmap

  • Support for more programming languages (Rust, Swift, Kotlin)
  • Integration with popular IDEs and editors
  • Real-time scanning during development
  • Custom rule builder UI
  • Integration with CI/CD pipelines
  • SARIF output format support
  • Machine learning-based vulnerability detection
  • Performance optimizations for large codebases