Thin client MCP server for AI Security Scanner - connects to cloud-hosted 27 agents (100% OWASP coverage)
AI Security Scanner MCP - Cloud Edition
Agentic AI security scanner with 27 specialized agents covering the OWASP ASI (Agentic Security Initiative) threat list and the OWASP Top 10 for LLM Applications. This package is a thin client only: it connects to the vendor's cloud infrastructure, where all scanning happens, which means the code you scan is sent off your machine for analysis.
Current Version: 1.0.31 | Python: >=3.10 | Package Size: ~50KB
Architecture
This package is a lightweight cloud proxy (~50KB) that connects Claude Code to our cloud-hosted security scanning infrastructure. All 27 security agents run in our secure Google Cloud environment, not on your local machine.
Benefits of Cloud Architecture:
- Always up-to-date security rules
- No local compute resources needed
- Proprietary agent logic protected
- Consistent scanning environment
- Sub-second scan execution
- NEW: Automatic report file generation
Quick Start
Step 1: Get Your API Key
- Visit https://app.ai-threat-scanner.com/dashboard/api-keys
- Sign up for free account
- Generate new API key
- Copy your key (format: ciso_live_abc123xyz)
Step 2: Install Thin Client (uvx recommended)
Recommended: Use uvx (no installation required):
claude mcp add ai-security-scanner \
-e AI_SECURITY_API_KEY=ciso_live_abc123xyz \
-- uvx --python=3.12 ai-security-mcp@1.0.31
Alternative: Traditional pip install:
pip install ai-security-mcp==1.0.31
claude mcp add ai-security-scanner \
-e AI_SECURITY_API_KEY=ciso_live_abc123xyz \
-- ai-security-mcp
Replace ciso_live_abc123xyz with your actual API key.
Step 3: Start Scanning
Open Claude Code and ask:
Scan this repository for AI security vulnerabilities
The thin client will connect to our cloud infrastructure, execute all 27 security agents, and return comprehensive vulnerability findings.
Reports are automatically saved to AIThreatScannerReports/{repository}/ with:
- Agentic Security Report (vulnerability findings)
- Comprehensive Analysis (detailed context)
- Coverage Report (OWASP testing metrics)
- Scan Summary (JSON format)
Complete Setup Example (macOS)
This example walks through the complete setup process from scratch:
# 1. Install uvx (if not already installed)
pip install uv
# 2. Get your API key from https://app.ai-threat-scanner.com/dashboard/api-keys
# (Sign up for free account if needed)
# 3. Configure Claude desktop MCP server.
#    The heredoc is deliberately unquoted (<<EOF, not <<'EOF') so that
#    $(command -v uvx) expands to the real uvx path when the file is written.
#    With a quoted heredoc the JSON would contain the literal text
#    "/Users/$(whoami)/.local/bin/uvx", which Claude does not expand, and
#    `pip install uv` puts uvx on your PATH rather than in ~/.local/bin anyway.
#    Note: this overwrites the whole file. If you already have other MCP
#    servers configured, add the "ai-security-scanner" entry by hand instead.
cat > ~/Library/Application\ Support/Claude/claude_desktop_config.json <<EOF
{
  "mcpServers": {
    "ai-security-scanner": {
      "command": "$(command -v uvx)",
      "args": ["--python=3.12", "ai-security-mcp@1.0.31"],
      "env": {
        "AI_SECURITY_API_KEY": "your_api_key_here",
        "AI_SECURITY_MCP_URL": "https://ciso-mcp-server-production.up.railway.app/api/tools/call"
      }
    }
  }
}
EOF
# 4. Replace "your_api_key_here" with your actual API key
# Edit the file and update the API key:
# open ~/Library/Application\ Support/Claude/claude_desktop_config.json
# 5. Restart Claude to load the MCP server
killall Claude && sleep 3 && open -a Claude
# 6. Verify MCP server is running (wait ~10 seconds after Claude starts)
ps aux | grep "ai-security-mcp"
# Expected output: Shows uvx running ai-security-mcp@1.0.31
# 7. In Claude, ask: "Scan this repository for AI security vulnerabilities"
# 8. After scan completes, check for report files
ls -lh AIThreatScannerReports/
# Expected: Directory with subdirectories for each scanned repository
# Example output after scanning a repo named "my-app":
# AIThreatScannerReports/my-app/
# ├── AgenticSecurityReport_20251028_143022_abc123.md
# ├── ComprehensiveAnalysis_20251028_143022_abc123.md
# ├── CoverageReport_20251028_143022_abc123.md
# └── ScanSummary_20251028_143022_abc123.json
Verification checklist:
- uvx installed (which uvx)
- Config file has valid JSON syntax
- API key format: ciso_live_...
- MCP server process running (ps aux | grep ai-security-mcp)
- Claude shows AI Security Scanner in MCP menu
- Scan completes and shows results
- Report files created in AIThreatScannerReports/
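The setup steps and the verification checklist above can be done in code rather than by hand. The following is an added example (not part of the ai-security-mcp package): it merges the scanner entry into an existing claude_desktop_config.json without clobbering other MCP servers, resolves the real uvx path instead of hard-coding one, and then runs the checklist against the written file. The key regex (ciso_live_ followed by alphanumerics) is inferred from the sample key on this page and is an assumption.

```python
"""Write and verify the Claude desktop MCP entry for the thin client.

Added example, not the ai-security-mcp package's own code. KEY_RE is an
assumption based on the sample key ciso_live_abc123xyz shown on the page.
"""
import json
import re
import shutil
from pathlib import Path
from typing import Optional

SERVER_NAME = "ai-security-scanner"
PACKAGE_SPEC = "ai-security-mcp@1.0.31"
CLOUD_URL = "https://ciso-mcp-server-production.up.railway.app/api/tools/call"
# Assumption: live keys look like ciso_live_<alphanumerics>, as in the page's sample.
KEY_RE = re.compile(r"^ciso_live_[A-Za-z0-9]+$")


def build_server_entry(api_key: str, uvx_path: str) -> dict:
    """Return the mcpServers entry, refusing malformed keys before anything is written."""
    if not KEY_RE.match(api_key):
        raise ValueError("API key does not match the expected ciso_live_... format")
    return {
        "command": uvx_path,
        "args": ["--python=3.12", PACKAGE_SPEC],
        "env": {"AI_SECURITY_API_KEY": api_key, "AI_SECURITY_MCP_URL": CLOUD_URL},
    }


def merge_into_config(config_path: Path, api_key: str, uvx_path: Optional[str] = None) -> dict:
    """Add or replace the scanner entry, keeping any other MCP servers already configured."""
    uvx_path = uvx_path or shutil.which("uvx")
    if not uvx_path:
        raise FileNotFoundError("uvx not on PATH; run `pip install uv` first")
    config = json.loads(config_path.read_text()) if config_path.exists() else {}
    config.setdefault("mcpServers", {})[SERVER_NAME] = build_server_entry(api_key, uvx_path)
    config_path.parent.mkdir(parents=True, exist_ok=True)
    config_path.write_text(json.dumps(config, indent=2) + "\n")
    return config


def check_config(config_path: Path) -> list:
    """Run the verification checklist on an existing config; return a list of problems."""
    problems = []
    try:
        config = json.loads(config_path.read_text())
    except (OSError, json.JSONDecodeError) as exc:
        return [f"config unreadable or not valid JSON: {exc}"]
    entry = config.get("mcpServers", {}).get(SERVER_NAME)
    if entry is None:
        return [f"no mcpServers entry named {SERVER_NAME}"]
    cmd = entry.get("command", "")
    if "$" in cmd:
        # A quoted heredoc leaves "$(whoami)" or "$HOME" in the file; Claude will not expand it.
        problems.append("command contains an unexpanded shell expression; use the literal uvx path")
    elif not Path(cmd).is_file():
        problems.append(f"command not found on disk: {cmd}")
    env = entry.get("env", {})
    if not KEY_RE.match(env.get("AI_SECURITY_API_KEY", "")):
        problems.append("AI_SECURITY_API_KEY missing or still the placeholder")
    if not env.get("AI_SECURITY_MCP_URL", CLOUD_URL).startswith("https://"):
        problems.append("AI_SECURITY_MCP_URL must use https; the API key travels as a Bearer header")
    return problems
```

Run `check_config(Path.home() / "Library/Application Support/Claude/claude_desktop_config.json")` after editing; an empty list means the file-level checks pass, and the remaining items on the checklist (process running, server visible in the MCP menu) still need the `ps aux` check and a look at Claude itself.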
What You Get
27 Cloud-Hosted Security Agents
OWASP ASI (17 agents): Memory Poisoning, Tool Misuse, Privilege Compromise, Resource Overload, Cascading Hallucination, Intent Breaking, Misaligned Behaviors, Repudiation, Identity Spoofing, Overwhelming HITL, Unexpected RCE, Agent Communication Poisoning, Rogue Agents, Human Attacks, Human Manipulation, Insecure Protocol, Supply Chain
OWASP LLM Top 10 (10 agents, following the 2023 edition of the list): Prompt Injection, Insecure Output Handling, Training Data Poisoning, Model DoS, Supply Chain, Information Disclosure, Insecure Plugin Design, Excessive Agency, Overreliance, Model Theft
Security & Privacy
Cloud Processing: The thin client sends your code to our cloud infrastructure for analysis; nothing is scanned locally.
Data Handling:
- Code analyzed in isolated containers
- Results returned over HTTPS
- No permanent storage of your code
- Scan metadata tracked for quota management
Authentication: Every request carries the API key as a Bearer token, and the key is tied to per-user quota tracking and access control. Treat the key as a credential: it sits in plaintext in claude_desktop_config.json (or in the Claude Code MCP settings written by `claude mcp add`, and in your shell history if you pass it on the command line), so keep those files out of version control and regenerate the key from the dashboard if it leaks. The client forwards to whatever URL AI_SECURITY_MCP_URL names, so only ever point that variable at the vendor endpoint.
Usage Examples
Basic Repository Scan
Scan this repository for agentic AI vulnerabilities
Check Specific Files
Use the AI Security Scanner to check these files for prompt injection:
- src/prompts.py
- src/llm_integration.py
Get Scan History
Show my recent AI security scans
Troubleshooting
MCP Server Not Starting
Check if MCP server is running:
ps aux | grep "ai-security-mcp"
If not running, check Claude desktop logs or restart Claude app:
# macOS
killall Claude && sleep 3 && open -a Claude
# Check config file
cat ~/Library/Application\ Support/Claude/claude_desktop_config.json
Common causes:
- Claude desktop config has syntax errors
- API key environment variable not set
- Wrong Python version (need 3.10+)
- uvx not installed (pip install uv)
"API Key Required" Error
You need to set your API key. Get it from: https://app.ai-threat-scanner.com/dashboard/api-keys
Then reconfigure:
claude mcp remove ai-security-scanner
claude mcp add ai-security-scanner \
-e AI_SECURITY_API_KEY=your_actual_key \
-- uvx --python=3.12 ai-security-mcp@1.0.31
"Connection Failed" Error
Check cloud service status:
curl https://ciso-mcp-server-production.up.railway.app/health
Expected response: {"status":"healthy"}
If service is down, check status page: https://status.ai-threat-scanner.com
"Quota Exceeded" Error
You've reached your scan limit. View usage at: https://app.ai-threat-scanner.com/dashboard/usage
Upgrade your plan or wait for quota reset.
Report Files Not Created
Verify MCP server is running (see above).
Check directory permissions:
ls -la AIThreatScannerReports/
Expected after scan: 4 files per scan (3 Markdown + 1 JSON)
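The "four files per scan" check can be automated. The following is an added example, not part of the ai-security-mcp package: it walks AIThreatScannerReports/<repository>/, groups files by the scan id embedded in their names (the `<Report>_<YYYYMMDD>_<HHMMSS>_<id>.<ext>` pattern shown in the macOS walkthrough above), and reports any scan that is missing a report, has an empty file, or whose ScanSummary is not parseable JSON. The ScanSummary schema is not documented on this page, so the file is only checked to be valid JSON.

```python
"""Check that completed scans produced the expected report set.

Added example, not the ai-security-mcp package's own code. The filename
pattern is taken from the example listing on this page; the ScanSummary JSON
schema is not documented here and is therefore not interpreted.
"""
import json
import re
from collections import defaultdict
from datetime import datetime
from pathlib import Path
from typing import Optional

REPORT_RE = re.compile(
    r"^(?P<kind>[A-Za-z]+)_(?P<date>\d{8})_(?P<time>\d{6})_(?P<scan_id>\w+)\.(?P<ext>md|json)$"
)
# Report kind -> expected extension (3 Markdown + 1 JSON per scan, as the page states).
EXPECTED = {
    "AgenticSecurityReport": "md",
    "ComprehensiveAnalysis": "md",
    "CoverageReport": "md",
    "ScanSummary": "json",
}


def group_scans(repo_dir: Path) -> dict:
    """Map scan id -> {report kind: path} for every well-named file in one repo's directory."""
    scans = defaultdict(dict)
    for path in repo_dir.iterdir():
        m = REPORT_RE.match(path.name)
        if m and m["kind"] in EXPECTED and m["ext"] == EXPECTED[m["kind"]]:
            scans[m["scan_id"]][m["kind"]] = path
    return dict(scans)


def check_scan(files: dict) -> list:
    """Return problems for one scan: missing reports, empty files, unparsable summary."""
    problems = [f"missing {kind}" for kind in EXPECTED if kind not in files]
    for kind, path in files.items():
        if path.stat().st_size == 0:
            problems.append(f"{kind} is empty")
    summary = files.get("ScanSummary")
    if summary is not None and summary.stat().st_size > 0:
        try:
            json.loads(summary.read_text())
        except json.JSONDecodeError as exc:
            problems.append(f"ScanSummary is not valid JSON: {exc}")
    return problems


def latest_scan_id(scans: dict) -> Optional[str]:
    """Pick the most recent scan by the timestamp embedded in its filenames."""
    def stamp(item):
        m = REPORT_RE.match(next(iter(item[1].values())).name)
        return datetime.strptime(m["date"] + m["time"], "%Y%m%d%H%M%S")
    return max(scans.items(), key=stamp)[0] if scans else None


def check_reports_dir(reports_root: Path) -> dict:
    """Walk AIThreatScannerReports/<repo>/ and return problems keyed by repo or repo/scan id."""
    if not reports_root.is_dir():
        return {str(reports_root): ["directory does not exist; has a scan completed?"]}
    result = {}
    for repo_dir in sorted(p for p in reports_root.iterdir() if p.is_dir()):
        scans = group_scans(repo_dir)
        if not scans:
            result[repo_dir.name] = ["no report files found"]
        for scan_id, files in scans.items():
            problems = check_scan(files)
            if problems:
                result[f"{repo_dir.name}/{scan_id}"] = problems
    return result
```

`check_reports_dir(Path("AIThreatScannerReports"))` returning an empty dict means every scan in every repository directory has its 3 Markdown reports and a parseable JSON summary; a non-empty result tells you which scan id to look at before assuming the MCP server is at fault.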
Verify version (must be 1.0.31+):
uvx --python=3.12 ai-security-mcp@1.0.31 --version
Pricing
- Free Tier: 10 scans/day, 100 scans/month
- Pro Tier: 100 scans/day, unlimited monthly
- Enterprise: Custom quotas and dedicated support
View pricing: https://ai-threat-scanner.com/pricing
Documentation
- Dashboard: https://app.ai-threat-scanner.com
- Full Documentation: https://ai-threat-scanner.com/docs
- OWASP ASI Specification: https://owasp.org/www-project-ai-security-and-privacy-guide/
- Bug Reports: https://github.com/ai-security-scanner/ai-security-mcp/issues
Architecture Details
This package contains only the thin client proxy. The actual security scanning happens in our cloud infrastructure:
Your Machine                         Cloud Infrastructure
┌───────────────┐                   ┌────────────────────────┐
│ Claude Code   │ ───── HTTPS ────► │ Cloud MCP Server       │
│     ↕ stdio   │                   │  - 27 Security Agents  │
│ Thin Client   │ ◄──── results ─── │  - Vulnerability DB    │
│   (~50KB)     │                   │  - Analysis Engine     │
└───────────────┘                   └────────────────────────┘
Thin Client Responsibilities:
- MCP protocol (stdio) with Claude Code
- HTTPS proxy to cloud server
- API key authentication
- Request/response forwarding
Cloud Server Responsibilities:
- API key validation
- Agent execution (all 27)
- Vulnerability analysis
- Report generation
- Quota tracking
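To make the thin-client responsibilities concrete, here is an added sketch of the network side of such a proxy. It is an illustration written for this page, not the ai-security-mcp package's code: the request body shape (`{"tool": ..., "arguments": ...}`) and the mapping of HTTP status codes to the error messages listed under Troubleshooting are assumptions, as is the `scan_repository` tool name used in the usage note. What it does show accurately is the part that matters for security: the API key leaves the machine as an `Authorization: Bearer` header to whatever URL AI_SECURITY_MCP_URL names, so the client refuses non-HTTPS endpoints and never echoes the full key into an error message.

```python
"""Illustrative thin-client request forwarder with Bearer auth and TLS enforcement.

Added example, not the ai-security-mcp package's code. Assumptions: the JSON
body layout, and that 401/403 mean a rejected key and 429 means quota exceeded.
"""
import json
import os
import urllib.error
import urllib.request
from urllib.parse import urlparse

DEFAULT_URL = "https://ciso-mcp-server-production.up.railway.app/api/tools/call"


def redact(secret: str) -> str:
    """Keep only the ciso_live_ prefix and last 4 chars for logs and error messages."""
    return f"{secret[:10]}...{secret[-4:]}" if len(secret) > 14 else "***"


def endpoint() -> str:
    """Read the cloud URL from the environment and refuse anything but HTTPS."""
    url = os.environ.get("AI_SECURITY_MCP_URL", DEFAULT_URL)
    if urlparse(url).scheme != "https":
        raise ValueError(f"AI_SECURITY_MCP_URL must be https, got {url!r}")
    return url


def build_request(tool: str, arguments: dict, api_key: str, url: str) -> urllib.request.Request:
    """Assumed body {"tool": ..., "arguments": ...}; Bearer auth as the page describes."""
    if not api_key:
        raise ValueError("API Key Required: set AI_SECURITY_API_KEY")
    body = json.dumps({"tool": tool, "arguments": arguments}).encode()
    return urllib.request.Request(
        url,
        data=body,
        method="POST",
        headers={
            "Authorization": f"Bearer {api_key}",
            "Content-Type": "application/json",
            "Accept": "application/json",
        },
    )


def call_cloud(tool: str, arguments: dict, api_key: str, opener=None, timeout: float = 60.0) -> dict:
    """Forward one tool call to the cloud; map HTTP failures to the page's error messages."""
    req = build_request(tool, arguments, api_key, endpoint())
    opener = opener or urllib.request.build_opener()  # injectable so tests need no network
    try:
        with opener.open(req, timeout=timeout) as resp:
            return json.loads(resp.read())
    except urllib.error.HTTPError as exc:
        if exc.code in (401, 403):
            raise PermissionError(f"API key rejected ({redact(api_key)})") from None
        if exc.code == 429:
            raise RuntimeError("Quota Exceeded: see https://app.ai-threat-scanner.com/dashboard/usage") from None
        raise RuntimeError(f"cloud returned HTTP {exc.code}") from None
    except urllib.error.URLError as exc:
        raise ConnectionError(f"Connection Failed: {exc.reason}") from None
```

A call such as `call_cloud("scan_repository", {"path": "."}, os.environ["AI_SECURITY_API_KEY"])` is the whole trust boundary of a thin client: the body is your code or file list and the header is your credential, so the URL they are sent to must come from configuration you control.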
License
MIT License - see LICENSE file for details.
Links
- Website: https://ai-threat-scanner.com
- Dashboard: https://app.ai-threat-scanner.com
- GitHub: https://github.com/ai-security-scanner/ai-security-mcp
- PyPI: https://pypi.org/project/ai-security-mcp/
- Support: support@ai-threat-scanner.com
File details
Details for the file ai_security_mcp-1.0.32.tar.gz.
File metadata
- Download URL: ai_security_mcp-1.0.32.tar.gz
- Upload date:
- Size: 13.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 6a3b5066bd0bb8e2e1d1bd541cb7ba465aca14225de5513a69dc476677a46074 |
| MD5 | fd865f0b25d9f3b9a9213a95bee73804 |
| BLAKE2b-256 | ccc51dcbe099e3607be8099cf9dff2de8b0a9e54bc0df5dc886b5cffab055830 |
File details
Details for the file ai_security_mcp-1.0.32-py3-none-any.whl.
File metadata
- Download URL: ai_security_mcp-1.0.32-py3-none-any.whl
- Upload date:
- Size: 12.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 6f66100dd8bf6fbc9dcb6f2b1721de0b2cf5f98b216a5d6bb065e073783aeb4b |
| MD5 | df65d2f1b74ad5d7cf06a6a5b9a5b7a8 |
| BLAKE2b-256 | c619aafe4171657aa7a82840d22301cf2348a71347a805cda4a89a7b07893947 |
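Both files above were uploaded with twine rather than Trusted Publishing, so the digests listed are the only provenance PyPI offers for this release. The following is an added example, not part of the package: it recomputes the three digests PyPI publishes for a downloaded artifact, compares them to the values copied from this page, and emits a `--hash`-pinned requirements line so that pip refuses to install anything whose content differs. Note that the README's install commands pin 1.0.31 while the files listed here are 1.0.32; verify the digests of whichever version you actually install, from that version's own file-details page.

```python
"""Verify a downloaded ai-security-mcp 1.0.32 artifact against PyPI's published digests.

Added example, not part of the package. PUBLISHED is copied from the file
details on this page; any other value is computed locally.
"""
import hashlib
from pathlib import Path

PUBLISHED = {
    "ai_security_mcp-1.0.32.tar.gz": {
        "sha256": "6a3b5066bd0bb8e2e1d1bd541cb7ba465aca14225de5513a69dc476677a46074",
        "md5": "fd865f0b25d9f3b9a9213a95bee73804",
        "blake2b-256": "ccc51dcbe099e3607be8099cf9dff2de8b0a9e54bc0df5dc886b5cffab055830",
    },
    "ai_security_mcp-1.0.32-py3-none-any.whl": {
        "sha256": "6f66100dd8bf6fbc9dcb6f2b1721de0b2cf5f98b216a5d6bb065e073783aeb4b",
        "md5": "df65d2f1b74ad5d7cf06a6a5b9a5b7a8",
        "blake2b-256": "c619aafe4171657aa7a82840d22301cf2348a71347a805cda4a89a7b07893947",
    },
}


def digests(path) -> dict:
    """Stream the file once and compute the three digests PyPI lists for it."""
    hashers = {
        "sha256": hashlib.sha256(),
        # MD5 is only here to match PyPI's listing; it is not a security control.
        "md5": hashlib.md5(usedforsecurity=False),
        "blake2b-256": hashlib.blake2b(digest_size=32),
    }
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(path, expected: dict) -> list:
    """Return the names of digests that do not match; an empty list means the file is as published."""
    actual = digests(path)
    return [name for name, want in expected.items() if actual[name] != want.lower()]


def verify_download(path) -> list:
    """Look the file up by name in PUBLISHED and verify it; unknown names are a mismatch by definition."""
    name = Path(path).name
    if name not in PUBLISHED:
        return [f"no published digests for {name}"]
    return verify(path, PUBLISHED[name])


def hash_pinned_requirement(package: str = "ai-security-mcp", version: str = "1.0.32",
                            published: dict = PUBLISHED) -> str:
    """Requirements line listing every artifact's sha256, so pip can pick sdist or wheel but nothing else."""
    hashes = " ".join(f"--hash=sha256:{d['sha256']}" for d in published.values())
    return f"{package}=={version} {hashes}"
```

Write the output of `hash_pinned_requirement()` into requirements.txt and install with `pip install --require-hashes -r requirements.txt`; once any `--hash` option is present pip runs in hash-checking mode for the whole file, so every dependency in it must carry a pinned hash too. `verify_download("ai_security_mcp-1.0.32-py3-none-any.whl")` on a file fetched with `pip download --no-deps ai-security-mcp==1.0.32` should return an empty list.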