
Thin client MCP server for AI Security Scanner - connects to cloud-hosted 27 agents (100% OWASP coverage)

Project description

AI Security Scanner MCP - Cloud Edition

World's first comprehensive agentic AI security scanner with 27 specialized agents covering 100% OWASP ASI + LLM vulnerabilities. This thin client connects to our secure cloud infrastructure where all scanning happens.

Current Version: 1.0.31 | Python: >=3.10 | Package Size: ~50KB

๐Ÿ—๏ธ Architecture

This package is a lightweight cloud proxy (~50KB) that connects Claude Code to our cloud-hosted security scanning infrastructure. All 27 security agents run in our secure Google Cloud environment, not on your local machine.

Benefits of Cloud Architecture:

  • Always up-to-date security rules
  • No local compute resources needed
  • Proprietary agent logic protected
  • Consistent scanning environment
  • Sub-second scan execution
  • NEW: Automatic report file generation

🚀 Quick Start

Step 1: Get Your API Key

  1. Visit https://app.ai-threat-scanner.com/dashboard/api-keys
  2. Sign up for free account
  3. Generate new API key
  4. Copy your key (format: ciso_live_abc123xyz)

Step 2: Install Thin Client (uvx recommended)

Recommended: Use uvx (no installation required):

claude mcp add ai-security-scanner \
  -e AI_SECURITY_API_KEY=ciso_live_abc123xyz \
  -- uvx --python=3.12 ai-security-mcp@1.0.31

Alternative: Traditional pip install:

pip install ai-security-mcp==1.0.31
claude mcp add ai-security-scanner \
  -e AI_SECURITY_API_KEY=ciso_live_abc123xyz \
  -- ai-security-mcp

Replace ciso_live_abc123xyz with your actual API key. The key is a bearer credential: anything typed on the command line is kept in your shell history, and claude mcp add -e stores it in plain text in Claude's MCP configuration. Prefer reading it into a variable without echo (for example with read -rs AI_SECURITY_API_KEY) and passing -e AI_SECURITY_API_KEY="$AI_SECURITY_API_KEY", and revoke and regenerate the key from the dashboard if it is ever exposed.

Step 3: Start Scanning

Open Claude Code and ask:

Scan this repository for AI security vulnerabilities

The thin client will connect to our cloud infrastructure, execute all 27 security agents, and return comprehensive vulnerability findings.

Reports are automatically saved to AIThreatScannerReports/{repository}/ with:

  • Agentic Security Report (vulnerability findings)
  • Comprehensive Analysis (detailed context)
  • Coverage Report (OWASP testing metrics)
  • Scan Summary (JSON format)

📋 Complete Setup Example (macOS)

This example walks through the complete setup process from scratch:

# 1. Install uvx (if not already installed)
pip install uv

# 2. Get your API key from https://app.ai-threat-scanner.com/dashboard/api-keys
# (Sign up for free account if needed)

# 3. Configure Claude desktop MCP server
#    Note: this overwrites an existing config file. If you already have other
#    MCP servers configured, add the "ai-security-scanner" entry by hand instead.
#    The heredoc delimiter is unquoted so that $(command -v uvx) expands to the
#    absolute path of uvx; JSON is never run through a shell, so a literal
#    "$(whoami)" inside the file would not be expanded and Claude would fail to
#    start the server.
cat > ~/Library/Application\ Support/Claude/claude_desktop_config.json <<EOF
{
  "mcpServers": {
    "ai-security-scanner": {
      "command": "$(command -v uvx)",
      "args": ["--python=3.12", "ai-security-mcp@1.0.31"],
      "env": {
        "AI_SECURITY_API_KEY": "your_api_key_here",
        "AI_SECURITY_MCP_URL": "https://ciso-mcp-server-production.up.railway.app/api/tools/call"
      }
    }
  }
}
EOF

# 4. Replace "your_api_key_here" with your actual API key
# Edit the file and update the API key:
# open ~/Library/Application\ Support/Claude/claude_desktop_config.json

# 5. Restart Claude to load the MCP server
killall Claude && sleep 3 && open -a Claude

# 6. Verify MCP server is running (wait ~10 seconds after Claude starts)
pgrep -fl ai-security-mcp
# Expected output: a uvx/python process whose command line contains ai-security-mcp@1.0.31
# (a plain `ps aux | grep ai-security-mcp` also matches the grep command itself,
# so it prints a line even when the server is not running)

# 7. In Claude, ask: "Scan this repository for AI security vulnerabilities"

# 8. After scan completes, check for report files
ls -lh AIThreatScannerReports/
# Expected: Directory with subdirectories for each scanned repository

# Example output after scanning a repo named "my-app":
# AIThreatScannerReports/my-app/
#   ├── AgenticSecurityReport_20251028_143022_abc123.md
#   ├── ComprehensiveAnalysis_20251028_143022_abc123.md
#   ├── CoverageReport_20251028_143022_abc123.md
#   └── ScanSummary_20251028_143022_abc123.json

Verification checklist:

  • ✅ uvx installed (which uvx)
  • ✅ Config file has valid JSON syntax (python3 -m json.tool on the file exits 0)
  • ✅ API key format: ciso_live_...
  • ✅ MCP server process running (pgrep -fl ai-security-mcp)
  • ✅ Claude shows AI Security Scanner in MCP menu
  • ✅ Scan completes and shows results
  • ✅ Report files created in AIThreatScannerReports/
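The setup script above writes the config with a heredoc, which has two failure modes a reader will hit: cat > replaces any MCP servers already configured, and a path containing $(whoami) is never expanded once it sits inside JSON. The script below is an added example, not part of the ai-security-mcp package: it builds the same server entry with the key taken from the environment (so it never appears on a command line), merges it into an existing config without dropping other servers, lints the result the way the checklist does, and writes the file with owner-only permissions. The ciso_live_ prefix, the variable names, the pinned version and the command line come from this README; the character set assumed after the prefix and all function names are this example's assumptions.

```python
"""Build, merge and lint the Claude desktop MCP entry for ai-security-mcp.

Added example; not code from the ai-security-mcp package. Assumptions are
marked inline.
"""
import json
import os
import re
import shutil
import stat
from pathlib import Path
from typing import Optional

SERVER_NAME = "ai-security-scanner"
PACKAGE_SPEC = "ai-security-mcp@1.0.31"            # version pinned in the README
# Prefix comes from the README; the alphanumeric tail is an assumption.
KEY_PATTERN = re.compile(r"^ciso_live_[A-Za-z0-9]+$")
DEFAULT_CONFIG = Path.home() / "Library/Application Support/Claude/claude_desktop_config.json"


def validate_api_key(key: str) -> bool:
    """True if the key looks like a ciso_live_ key (format check only)."""
    return bool(key) and KEY_PATTERN.match(key) is not None


def build_server_entry(uvx_path: str, api_key: str, mcp_url: Optional[str] = None) -> dict:
    """Return the mcpServers entry. uvx_path must already be an absolute path."""
    if not os.path.isabs(uvx_path):
        raise ValueError(f"uvx path must be absolute, got {uvx_path!r}")
    if not validate_api_key(api_key):
        raise ValueError("API key does not look like a ciso_live_ key")
    env = {"AI_SECURITY_API_KEY": api_key}
    if mcp_url:
        if not mcp_url.startswith("https://"):
            raise ValueError("AI_SECURITY_MCP_URL must use https")
        env["AI_SECURITY_MCP_URL"] = mcp_url
    return {"command": uvx_path, "args": ["--python=3.12", PACKAGE_SPEC], "env": env}


def merge_into_config(existing: dict, entry: dict) -> dict:
    """Add or replace our server while keeping every other configured server."""
    merged = json.loads(json.dumps(existing)) if existing else {}
    merged.setdefault("mcpServers", {})[SERVER_NAME] = entry
    return merged


def check_config(config: dict) -> list:
    """Return the problems a reader would otherwise discover only after restarting Claude."""
    problems = []
    entry = config.get("mcpServers", {}).get(SERVER_NAME)
    if entry is None:
        return [f"no mcpServers.{SERVER_NAME} entry"]
    cmd = entry.get("command", "")
    if "$(" in cmd or "${" in cmd or "~" in cmd:
        problems.append(f"command {cmd!r} contains shell syntax; JSON is not expanded by a shell")
    elif not (os.path.isfile(cmd) and os.access(cmd, os.X_OK)):
        problems.append(f"command {cmd!r} is not an executable file")
    env = entry.get("env", {})
    key = env.get("AI_SECURITY_API_KEY", "")
    if key == "your_api_key_here" or not validate_api_key(key):
        problems.append("AI_SECURITY_API_KEY is missing, still the placeholder, or not a ciso_live_ key")
    url = env.get("AI_SECURITY_MCP_URL")
    if url and not url.startswith("https://"):
        problems.append(f"AI_SECURITY_MCP_URL {url!r} is not https; source would be sent in clear")
    return problems


def write_config(path: Path, config: dict) -> None:
    """Write with mode 0600: the file holds a live API key."""
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_text(json.dumps(config, indent=2) + "\n")
    path.chmod(stat.S_IRUSR | stat.S_IWUSR)


def install(path: Path = DEFAULT_CONFIG) -> list:
    """Read the key from the environment, merge, lint, write; return any problems found."""
    api_key = os.environ.get("AI_SECURITY_API_KEY", "")
    uvx = shutil.which("uvx") or ""
    entry = build_server_entry(uvx, api_key, os.environ.get("AI_SECURITY_MCP_URL"))
    existing = json.loads(path.read_text()) if path.exists() else {}
    config = merge_into_config(existing, entry)
    problems = check_config(config)
    if not problems:
        write_config(path, config)
    return problems


if __name__ == "__main__":
    for problem in install():
        print("problem:", problem)
```

Run it as AI_SECURITY_API_KEY=... python3 install_mcp.py after uvx is on PATH; it refuses to write anything while check_config() reports a problem, so a placeholder key or an unexpanded path never reaches Claude.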

📊 What You Get

27 Cloud-Hosted Security Agents

OWASP ASI (17 agents): Memory Poisoning, Tool Misuse, Privilege Compromise, Resource Overload, Cascading Hallucination, Intent Breaking, Misaligned Behaviors, Repudiation, Identity Spoofing, Overwhelming HITL, Unexpected RCE, Agent Communication Poisoning, Rogue Agents, Human Attacks, Human Manipulation, Insecure Protocol, Supply Chain

OWASP LLM Top 10 (10 agents, using the 2023 category names): Prompt Injection, Insecure Output Handling, Training Data Poisoning, Model DoS, Supply Chain, Information Disclosure, Insecure Plugin Design, Excessive Agency, Overreliance, Model Theft

🔒 Security & Privacy

Cloud Processing: the thin client uploads the files it is asked to scan to our cloud infrastructure, where they are analyzed with enterprise-grade security controls. Treat a scan as you would any third-party SaaS code analysis: check what the repository contains (committed secrets, customer data, code you are not permitted to share) before sending it.

Data Handling:

  • Code analyzed in isolated containers
  • Results returned via encrypted HTTPS
  • No permanent storage of your code
  • Scan metadata tracked for quota management

Authentication: API keys use secure Bearer token authentication with per-user quota tracking and access control.

📖 Usage Examples

Basic Repository Scan

Scan this repository for agentic AI vulnerabilities

Check Specific Files

Use the AI Security Scanner to check these files for prompt injection:
- src/prompts.py
- src/llm_integration.py

Get Scan History

Show my recent AI security scans

๐Ÿ› ๏ธ Troubleshooting

MCP Server Not Starting

Check if the MCP server process is running (pgrep is used because a plain grep over ps output also matches itself):

pgrep -fl ai-security-mcp

If not running, check Claude desktop logs or restart Claude app:

# macOS
killall Claude && sleep 3 && open -a Claude

# Check config file
cat ~/Library/Application\ Support/Claude/claude_desktop_config.json

Common causes:

  • Claude desktop config has syntax errors
  • API key environment variable not set
  • Wrong Python version (need 3.10+)
  • uvx not installed (pip install uv)

"API Key Required" Error

You need to set your API key. Get it from: https://app.ai-threat-scanner.com/dashboard/api-keys

Then reconfigure:

claude mcp remove ai-security-scanner
claude mcp add ai-security-scanner \
  -e AI_SECURITY_API_KEY=your_actual_key \
  -- uvx --python=3.12 ai-security-mcp@1.0.31

"Connection Failed" Error

Check cloud service status:

curl https://ciso-mcp-server-production.up.railway.app/health

Expected response: {"status":"healthy"}

If service is down, check status page: https://status.ai-threat-scanner.com

"Quota Exceeded" Error

You've reached your scan limit. View usage at: https://app.ai-threat-scanner.com/dashboard/usage

Upgrade your plan or wait for quota reset.

Report Files Not Created

Verify MCP server is running (see above).

Check directory permissions:

ls -la AIThreatScannerReports/

Expected after scan: 4 files per scan (3 Markdown + 1 JSON)

Verify version: report file generation needs 1.0.31 or later. The command below reports whatever version it is asked to resolve, so also confirm that the args in your Claude config pin 1.0.31 or newer:

uvx --python=3.12 ai-security-mcp@1.0.31 --version
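The "4 files per scan" check above can be automated. The script below is an added example, not part of the package: it parses report file names with the pattern visible in the listing earlier on this page (Type_YYYYMMDD_HHMMSS_id with a .md or .json extension), groups them by scan, and reports any scan that is missing one of the four outputs. The sample listing is constructed; only the abc123 file names come from the page, and all function names are assumptions.

```python
"""Group AIThreatScannerReports files by scan and flag incomplete scans.

Added example; not code from the ai-security-mcp package.
"""
import re
from collections import defaultdict
from datetime import datetime
from pathlib import Path

# The four outputs the README says every scan produces, with their extensions.
EXPECTED = {
    "AgenticSecurityReport": ".md",
    "ComprehensiveAnalysis": ".md",
    "CoverageReport": ".md",
    "ScanSummary": ".json",
}
# Name pattern inferred from the README's sample listing (assumption).
NAME_RE = re.compile(
    r"^(?P<type>[A-Za-z]+)_(?P<date>\d{8})_(?P<time>\d{6})_(?P<id>[A-Za-z0-9]+)(?P<ext>\.md|\.json)$"
)


def parse_report_name(name: str):
    """Return ((timestamp, scan_id), report_type, ext), or None for unrelated files."""
    m = NAME_RE.match(name)
    if not m:
        return None
    stamp = datetime.strptime(m["date"] + m["time"], "%Y%m%d%H%M%S")
    return (stamp, m["id"]), m["type"], m["ext"]


def group_scans(names) -> dict:
    """Map (timestamp, scan_id) -> {report_type: ext} for every recognised file."""
    scans = defaultdict(dict)
    for name in names:
        parsed = parse_report_name(name)
        if parsed:
            key, rtype, ext = parsed
            scans[key][rtype] = ext
    return dict(scans)


def missing_reports(names) -> dict:
    """Return {scan_id: [missing report types]} for scans with fewer than the 4 expected files."""
    missing = {}
    for (_stamp, scan_id), found in group_scans(names).items():
        gaps = [t for t, ext in EXPECTED.items() if found.get(t) != ext]
        if gaps:
            missing[scan_id] = gaps
    return missing


def latest_scan(names):
    """Scan id of the most recent scan in the listing, or None if there is none."""
    scans = group_scans(names)
    if not scans:
        return None
    stamp, scan_id = max(scans)
    return scan_id


def check_directory(repo_dir) -> dict:
    """Run missing_reports() over a real AIThreatScannerReports/<repository>/ directory."""
    repo_dir = Path(repo_dir)
    return missing_reports(p.name for p in repo_dir.iterdir() if p.is_file())


# Constructed sample listing: one complete scan (abc123, names from the README)
# and one scan (def456, invented) that never got its JSON summary.
SAMPLE = [
    "AgenticSecurityReport_20251028_143022_abc123.md",
    "ComprehensiveAnalysis_20251028_143022_abc123.md",
    "CoverageReport_20251028_143022_abc123.md",
    "ScanSummary_20251028_143022_abc123.json",
    "AgenticSecurityReport_20251029_091500_def456.md",
    "ComprehensiveAnalysis_20251029_091500_def456.md",
    "CoverageReport_20251029_091500_def456.md",
    "README.txt",
]

if __name__ == "__main__":
    print(missing_reports(SAMPLE))  # {'def456': ['ScanSummary']}
    print(latest_scan(SAMPLE))      # def456
```

In CI, check_directory("AIThreatScannerReports/<repository>") returning a non-empty dict is a cheap way to fail a pipeline step when a scan ran but did not write all of its outputs.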

💰 Pricing

  • Free Tier: 10 scans/day, 100 scans/month
  • Pro Tier: 100 scans/day, unlimited monthly
  • Enterprise: Custom quotas and dedicated support

View pricing: https://ai-threat-scanner.com/pricing

📚 Documentation

๐Ÿข Architecture Details

This package contains only the thin client proxy. The actual security scanning happens in our cloud infrastructure:

Your Machine          Cloud Infrastructure
┌─────────────┐      ┌──────────────────────┐
│ Claude Code │─────▶│ Cloud MCP Server     │
│             │      │ - 27 Security Agents │
│ Thin Client │◀─────│ - Vulnerability DB   │
│ (~50KB)     │      │ - Analysis Engine    │
└─────────────┘      └──────────────────────┘

Thin Client Responsibilities:

  • MCP protocol (stdio) with Claude Code
  • HTTPS proxy to cloud server
  • API key authentication
  • Request/response forwarding

Cloud Server Responsibilities:

  • API key validation
  • Agent execution (all 27)
  • Vulnerability analysis
  • Report generation
  • Quota tracking
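The thin client's job is to forward whatever Claude asks it to scan to the configured endpoint with the API key as a Bearer token. That makes AI_SECURITY_MCP_URL the most sensitive setting on this page: whoever can set that variable (a project .env file, a dotfile, a CI job) decides where your source code is sent. The block below is an added example of the client-side guard rails a proxy like this should have; it is not the ai-security-mcp client's code, and whether the real client applies the same checks is not documented here. The default URL, the variable names and the Bearer scheme come from this README; the host allowlist, the redaction format, the request helper and all function names are assumptions. Nothing is sent over the network.

```python
"""Endpoint pinning, Bearer headers and key redaction for a thin MCP proxy.

Added example; not code from the ai-security-mcp package. Assumptions are
marked inline.
"""
import json
import re
from urllib.parse import urlsplit

# Default endpoint as configured in the README's setup example.
DEFAULT_URL = "https://ciso-mcp-server-production.up.railway.app/api/tools/call"
# Hosts the proxy is willing to send source code to (assumption: pin the README's host).
ALLOWED_HOSTS = {"ciso-mcp-server-production.up.railway.app"}
# Key prefix from the README; the alphanumeric tail is an assumption.
KEY_RE = re.compile(r"ciso_live_[A-Za-z0-9]+")


def redact(text: str) -> str:
    """Replace any ciso_live_ key in text with its prefix and last four characters."""
    return KEY_RE.sub(lambda m: "ciso_live_***" + m.group(0)[-4:], text)


def resolve_endpoint(env: dict, allowed_hosts: set = ALLOWED_HOSTS) -> str:
    """Honour AI_SECURITY_MCP_URL only if it is https and points at an allowed host.

    Without this check, anything that can set the variable redirects every
    scanned repository to a host of its choosing.
    """
    url = env.get("AI_SECURITY_MCP_URL", DEFAULT_URL)
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError(f"refusing non-https endpoint {redact(url)}")
    if parts.hostname not in allowed_hosts:
        raise ValueError(f"refusing endpoint host {parts.hostname!r}: not in allowlist")
    if parts.username or parts.password:
        raise ValueError("refusing endpoint URL with embedded credentials")
    return url


def auth_headers(api_key: str) -> dict:
    """Bearer authentication, as the README describes; rejects malformed keys early."""
    if not KEY_RE.fullmatch(api_key):
        raise ValueError("API key is missing or malformed")
    return {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}


def build_request(env: dict, payload: dict) -> dict:
    """Return the url, headers and JSON body a client would POST, without sending them.

    The payload is passed through as given; its shape is the cloud API's business
    and is not specified on this page.
    """
    url = resolve_endpoint(env)
    headers = auth_headers(env.get("AI_SECURITY_API_KEY", ""))
    return {"url": url, "headers": headers, "body": json.dumps(payload)}


def safe_error(exc: BaseException) -> str:
    """Error text fit for stderr or a log file: never carries the key."""
    return redact(f"{type(exc).__name__}: {exc}")


if __name__ == "__main__":
    env = {"AI_SECURITY_API_KEY": "ciso_live_abc123xyz",
           "AI_SECURITY_MCP_URL": "https://attacker.example/api/tools/call"}
    try:
        build_request(env, {"tool": "scan"})
    except ValueError as e:
        print(safe_error(e))
```

The important design choice is that an override is rejected rather than merely logged: a scan that silently goes to the wrong host is indistinguishable from a successful one from Claude's side.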

📄 License

MIT License - see LICENSE file for details.

🔗 Links


Download files


Source Distribution

ai_security_mcp-1.0.32.tar.gz (13.0 kB view details)

Uploaded Source

Built Distribution


ai_security_mcp-1.0.32-py3-none-any.whl (12.1 kB view details)

Uploaded Python 3

File details

Details for the file ai_security_mcp-1.0.32.tar.gz.

File metadata

  • Download URL: ai_security_mcp-1.0.32.tar.gz
  • Upload date:
  • Size: 13.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for ai_security_mcp-1.0.32.tar.gz
Algorithm Hash digest
SHA256 6a3b5066bd0bb8e2e1d1bd541cb7ba465aca14225de5513a69dc476677a46074
MD5 fd865f0b25d9f3b9a9213a95bee73804
BLAKE2b-256 ccc51dcbe099e3607be8099cf9dff2de8b0a9e54bc0df5dc886b5cffab055830


File details

Details for the file ai_security_mcp-1.0.32-py3-none-any.whl.

File metadata

File hashes

Hashes for ai_security_mcp-1.0.32-py3-none-any.whl
Algorithm Hash digest
SHA256 6f66100dd8bf6fbc9dcb6f2b1721de0b2cf5f98b216a5d6bb065e073783aeb4b
MD5 df65d2f1b74ad5d7cf06a6a5b9a5b7a8
BLAKE2b-256 c619aafe4171657aa7a82840d22301cf2348a71347a805cda4a89a7b07893947
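The digests above are what make an install reproducible: pin them and pip will refuse anything the index serves that does not match. The block below is an added example, not the project's code. It verifies a downloaded artifact against the SHA256 values listed on this page and emits a requirements line that pip enforces under --require-hashes. This release was uploaded with twine rather than Trusted Publishing, so there is no PyPI provenance attestation to check; the hash is the check you have. The digests and file names are those shown above; function names are assumptions.

```python
"""Verify ai-security-mcp artifacts against published SHA256 digests and emit a
hash-pinned requirements line.

Added example; not code from the ai-security-mcp package.
"""
import hashlib
import hmac
from pathlib import Path

# SHA256 digests for release 1.0.32 as listed on the PyPI page.
PUBLISHED_SHA256 = {
    "ai_security_mcp-1.0.32.tar.gz":
        "6a3b5066bd0bb8e2e1d1bd541cb7ba465aca14225de5513a69dc476677a46074",
    "ai_security_mcp-1.0.32-py3-none-any.whl":
        "6f66100dd8bf6fbc9dcb6f2b1721de0b2cf5f98b216a5d6bb065e073783aeb4b",
}


def sha256_of_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sha256_of_file(path, chunk: int = 1 << 20) -> str:
    """Stream the file so a large wheel never has to fit in memory."""
    h = hashlib.sha256()
    with Path(path).open("rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_digest(name: str, digest: str, published: dict = PUBLISHED_SHA256) -> bool:
    """True only if name is a listed artifact and digest matches it exactly."""
    expected = published.get(name)
    if expected is None:
        return False
    return hmac.compare_digest(digest.lower(), expected)


def verify_artifact(path, published: dict = PUBLISHED_SHA256) -> bool:
    """Hash a downloaded file and compare it to the published digest for its name."""
    path = Path(path)
    if path.name not in published:          # unlisted name: nothing to compare against
        return False
    return verify_digest(path.name, sha256_of_file(path), published)


def hashed_requirement(version: str = "1.0.32", published: dict = PUBLISHED_SHA256) -> str:
    """One requirements.txt line listing every acceptable digest for this version.

    With --require-hashes, pip rejects any file whose digest is not in this set.
    """
    hashes = " ".join(f"--hash=sha256:{h}" for h in published.values())
    return f"ai-security-mcp=={version} {hashes}"


if __name__ == "__main__":
    print(hashed_requirement())
    for name in PUBLISHED_SHA256:
        p = Path(name)
        if p.exists():
            print(name, "OK" if verify_artifact(p) else "MISMATCH")
```

Write the line into requirements.txt and install with pip install --require-hashes -r requirements.txt; pip then demands a hash for every package in the resolution, so dependencies need pinned hashes too (pip-compile --generate-hashes produces such a file). uv pip install accepts the same --require-hashes flag. Note that the README's commands pin 1.0.31 while the files listed here are 1.0.32; pin whichever version you have verified.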

