io.github.andrasfe/vulnicheckdev-tools

vulnicheck

Verified · today

HTTP MCP Server for comprehensive Python vulnerability scanning and security analysis.

Install

claude mcp add vulnicheck -- docker run -i --rm docker.io/andrasfe/vulnicheck:main

Requires: NVD_API_KEY, GITHUB_TOKEN, OPENAI_API_KEY, ANTHROPIC_API_KEY, MCP_PORT, CACHE_TTL, VULNICHECK_HTTP_ONLY

Our take

VulniCheck is a Dockerized HTTP MCP server for Python dependency, secret, Dockerfile, GitHub repo, and MCP configuration security checks. The caveat is operational rather than trust: its README says Google OAuth over HTTP is currently broken with FastMCP, so external deployments may run unauthenticated unless users add their own tunnel or access controls.

reviewed by hand · 2026-07-06

Something wrong or dead here? Report it

Verification record

last verified
today
github stars
11
last commit
4 mo ago
archived
no
license
MIT
in registry since
2025-09-19

github.com/andrasfe/vulnicheck