Mcp Server Security Audit

Name: Mcp Server Security Audit
Author: joepangallo

joepangallo/agent-audit

Run website security scans for vulnerabilities, HTTP headers, TLS, and email security before you expose a new app to the internet.

Overview

io.github.joepangallo/mcp-server-security-audit is an MCP server for the Ship phase that scans websites for vulnerabilities, headers, TLS, and email security through your agent.

What is this MCP server?

Scan websites for common security vulnerabilities
Evaluate HTTP security headers and TLS configuration
Check email-related security settings on domains
Stdio MCP package mcp-server-security-audit v1.0.3 via npm
Agent-driven pre-ship audits without a separate pentest GUI
Server version 1.0.3
Audit scope includes vulnerabilities, headers, TLS, and email security per description
Single stdio npm MCP package mcp-server-security-audit

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You are about to ship a public URL but lack a fast, repeatable way to verify headers, TLS, and obvious vulnerabilities without hiring a consultant.

Who is it for?

Solo builders launching web apps who want MCP-driven security baselines on each deploy.

Skip if: Organizations needing formal compliance attestations or deep manual pentests on regulated workloads.

What do I get? / Deliverables

Your agent can trigger security audits and return actionable configuration findings before you call the release done.

Agent-generated security audit summaries for target sites
Header, TLS, and email-security findings for remediation
Repeatable pre-ship security checklist invocations

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Shipping safely means catching misconfigurations and surface issues before launch traffic and attackers arrive. Security is the canonical subphase for vulnerability and configuration audits distinct from code review or perf tuning.

How it compares

MCP security scanner integration, not a CI-native SAST/DAST platform or WAF product.

Common Questions / FAQ

Who is mcp-server-security-audit for?

Builders shipping websites or APIs who want Claude Code, Cursor, or similar agents to run vulnerability and configuration scans via MCP.

When should I use mcp-server-security-audit?

Use it in Ship before launch or after infrastructure changes when you need header, TLS, email security, and vulnerability checks on a live URL.

How do I add mcp-server-security-audit to my agent?

Install npm package mcp-server-security-audit, configure stdio MCP in your agent, and follow joepangallo/agent-audit for target URLs and any required settings.

Mcp Server Security Audit

joepangallo/agent-audit

Run website security scans for vulnerabilities, HTTP headers, TLS, and email security before you expose a new app to the internet.

Overview

io.github.joepangallo/mcp-server-security-audit is an MCP server for the Ship phase that scans websites for vulnerabilities, headers, TLS, and email security through your agent.

What is this MCP server?

Scan websites for common security vulnerabilities
Evaluate HTTP security headers and TLS configuration
Check email-related security settings on domains
Stdio MCP package mcp-server-security-audit v1.0.3 via npm
Agent-driven pre-ship audits without a separate pentest GUI
Server version 1.0.3
Audit scope includes vulnerabilities, headers, TLS, and email security per description
Single stdio npm MCP package mcp-server-security-audit

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You are about to ship a public URL but lack a fast, repeatable way to verify headers, TLS, and obvious vulnerabilities without hiring a consultant.

Who is it for?

Solo builders launching web apps who want MCP-driven security baselines on each deploy.

Skip if: Organizations needing formal compliance attestations or deep manual pentests on regulated workloads.

What do I get? / Deliverables

Your agent can trigger security audits and return actionable configuration findings before you call the release done.

Agent-generated security audit summaries for target sites
Header, TLS, and email-security findings for remediation
Repeatable pre-ship security checklist invocations

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP security scanner integration, not a CI-native SAST/DAST platform or WAF product.

Common Questions / FAQ

Who is mcp-server-security-audit for?

Builders shipping websites or APIs who want Claude Code, Cursor, or similar agents to run vulnerability and configuration scans via MCP.

When should I use mcp-server-security-audit?

Use it in Ship before launch or after infrastructure changes when you need header, TLS, email security, and vulnerability checks on a live URL.

How do I add mcp-server-security-audit to my agent?

Install npm package mcp-server-security-audit, configure stdio MCP in your agent, and follow joepangallo/agent-audit for target URLs and any required settings.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is mcp-server-security-audit for?

When should I use mcp-server-security-audit?

How do I add mcp-server-security-audit to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is mcp-server-security-audit for?

When should I use mcp-server-security-audit?

How do I add mcp-server-security-audit to my agent?