Securityscorecard Mcp

Name: Securityscorecard Mcp
Author: CallMarcus

CallMarcus/security-scorecard-mcp

Query SecurityScorecard ratings and portfolio data from your agent during vendor review or self-assessment.

Overview

SecurityScorecard MCP is an MCP server for the Ship phase that lets agents call the unofficial SecurityScorecard API with your dashboard token.

What is this MCP server?

Community MCP server for SecurityScorecard API (unofficial) v1.1.1
Stdio npm package @callmarcus/securityscorecard-mcp
SECURITY_SCORECARD_API_TOKEN required; optional COMPANY_DOMAIN default
Comprehensive API surface for portfolio and company domain queries from agents
Version 1.1.1; npm @callmarcus/securityscorecard-mcp
2 documented env vars: SECURITY_SCORECARD_API_TOKEN (required), COMPANY_DOMAIN (optional)
Transport: stdio; unofficial community build

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Vendor and self security scores live in a separate dashboard while you need answers inside your agent workflow.

Who is it for?

Builders with SecurityScorecard access who want agent-driven vendor diligence or score monitoring.

Skip if: Teams without SSC subscriptions, regulated decisions requiring official SSC UI only, or greenfield apps with no third-party risk process.

What do I get? / Deliverables

After install, agents can query SecurityScorecard data via MCP using your API token and optional default domain.

MCP tools wired to SecurityScorecard API endpoints
Agent-readable security score and portfolio query results

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

External security ratings and vendor diligence are part of shipping safely and proving posture to customers. Security subphase covers third-party risk APIs and score-driven checks before launch and enterprise deals.

How it compares

Unofficial SecurityScorecard API MCP bridge, not a penetration-test skill or WAF integration.

Common Questions / FAQ

Who is securityscorecard-mcp for?

Solo founders and small teams with SecurityScorecard API access who want ratings in Claude or Cursor during security reviews.

When should I use securityscorecard-mcp?

Use it before launch or enterprise sales when you need portfolio scores, domain benchmarks, or vendor comparisons inside the agent.

How do I add securityscorecard-mcp to my agent?

Set SECURITY_SCORECARD_API_TOKEN (and optional COMPANY_DOMAIN), add @callmarcus/securityscorecard-mcp stdio to MCP config, restart the client.

Securityscorecard Mcp

CallMarcus/security-scorecard-mcp

Query SecurityScorecard ratings and portfolio data from your agent during vendor review or self-assessment.

Overview

SecurityScorecard MCP is an MCP server for the Ship phase that lets agents call the unofficial SecurityScorecard API with your dashboard token.

What is this MCP server?

Community MCP server for SecurityScorecard API (unofficial) v1.1.1
Stdio npm package @callmarcus/securityscorecard-mcp
SECURITY_SCORECARD_API_TOKEN required; optional COMPANY_DOMAIN default
Comprehensive API surface for portfolio and company domain queries from agents
Version 1.1.1; npm @callmarcus/securityscorecard-mcp
2 documented env vars: SECURITY_SCORECARD_API_TOKEN (required), COMPANY_DOMAIN (optional)
Transport: stdio; unofficial community build

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Vendor and self security scores live in a separate dashboard while you need answers inside your agent workflow.

Who is it for?

Builders with SecurityScorecard access who want agent-driven vendor diligence or score monitoring.

Skip if: Teams without SSC subscriptions, regulated decisions requiring official SSC UI only, or greenfield apps with no third-party risk process.

What do I get? / Deliverables

After install, agents can query SecurityScorecard data via MCP using your API token and optional default domain.

MCP tools wired to SecurityScorecard API endpoints
Agent-readable security score and portfolio query results

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Unofficial SecurityScorecard API MCP bridge, not a penetration-test skill or WAF integration.

Common Questions / FAQ

Who is securityscorecard-mcp for?

Solo founders and small teams with SecurityScorecard API access who want ratings in Claude or Cursor during security reviews.

When should I use securityscorecard-mcp?

Use it before launch or enterprise sales when you need portfolio scores, domain benchmarks, or vendor comparisons inside the agent.

How do I add securityscorecard-mcp to my agent?

Set SECURITY_SCORECARD_API_TOKEN (and optional COMPANY_DOMAIN), add @callmarcus/securityscorecard-mcp stdio to MCP config, restart the client.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is securityscorecard-mcp for?

When should I use securityscorecard-mcp?

How do I add securityscorecard-mcp to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is securityscorecard-mcp for?

When should I use securityscorecard-mcp?

How do I add securityscorecard-mcp to my agent?