AI-powered security code review MCP server for Claude Code — combines CodeQL, Semgrep (5,000+ rules), bandit, detect-secrets, Dependabot CLI, osv-scanner, pip-audit, and npm-audit
Project description
Shieldbot — AI Security Code Review for Claude Code
Shieldbot is an AI-powered security scanner that runs directly inside Claude Code. It combines 5,000+ static analysis rules with Claude's reasoning to detect vulnerabilities, hardcoded secrets, and CVE-affected dependencies — then synthesizes findings into a prioritized, actionable report.
One command. Full security audit. Zero context switching.
What It Scans
| Scanner | What It Catches |
|---|---|
| Semgrep (5,000+ rules) | OWASP Top 10, CWE Top 25, SQL injection, XSS, SSRF, command injection, taint analysis |
| Bandit | Python-specific security flaws (hardcoded passwords, weak crypto, shell injection) |
| Ruff | Python code quality and security anti-patterns |
| detect-secrets | API keys, tokens, passwords, private keys in source code |
| pip-audit | Python dependency CVEs (PyPI Advisory Database) |
| npm audit | Node.js dependency CVEs |
All scanners run in parallel. Findings are deduplicated, ranked by exploitability, and explained in plain English.
Install as a Claude Code Plugin (Recommended)
Step 1 — Add the Shieldbot marketplace:
/plugin marketplace add BalaSriharsha/shieldbot
Step 2 — Install the plugin:
/plugin install shieldbot
Step 3 — Reload plugins:
/reload-plugins
Step 4 — Run a scan:
/shieldbot .
/shieldbot /path/to/repo
/shieldbot . --min-severity critical
/shieldbot . --git-history
Or just ask Claude naturally:
- "scan this repo for security vulnerabilities"
- "check my code for hardcoded secrets"
- "audit my Python dependencies for CVEs"
Install as a Standalone MCP Server
Add to your MCP client config (.mcp.json or claude_desktop_config.json):
{
"mcpServers": {
"shieldbot": {
"command": "uvx",
"args": ["shieldbot-mcp"]
}
}
}
Or install via pip:
pip install shieldbot-mcp
MCP Tools
| Tool | Description |
|---|---|
scan_repository |
Run a full parallel security scan and return a structured JSON report |
check_scanner_tools |
Check which scanners are installed and available |
scan_repository parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
repo_path |
string | required | Absolute path to the repository |
skip_scanners |
list | [] |
Scanners to skip (e.g. ["ruff", "bandit"]) |
scan_git_history |
bool | false |
Also scan git commit history for leaked secrets |
min_severity |
string | "high" |
Minimum severity to include (critical, high, medium, low, info) |
GitHub Actions Integration
Add Shieldbot to any repository in 3 lines. Findings appear in the Security > Code Scanning tab via SARIF upload.
# .github/workflows/shieldbot.yml
name: Shieldbot Security Scan
on:
push:
branches: [main, master]
pull_request:
branches: [main, master]
schedule:
- cron: '0 8 * * 1' # Weekly scan
permissions:
contents: read
security-events: write # Required for Code Scanning upload
jobs:
shieldbot:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: BalaSriharsha/shieldbot@main
All available inputs:
| Input | Default | Description |
|---|---|---|
path |
. |
Directory to scan |
min-severity |
high |
Minimum severity to report |
fail-on |
high |
Fail build if findings at or above this level |
skip-scanners |
`` | Comma-separated scanners to skip |
scan-git-history |
false |
Scan git history for leaked secrets |
upload-sarif |
true |
Upload to GitHub Code Scanning |
sarif-file |
shieldbot-results.sarif |
SARIF output path |
Outputs: total-findings, risk-score, sarif-file
See .github/workflows/shieldbot-example.yml for the full annotated example.
Exit Codes (CI/CD Integration)
| Code | Meaning |
|---|---|
0 |
Clean — no findings above threshold |
1 |
Medium+ findings detected |
2 |
High+ findings detected |
3 |
Critical findings detected |
Use exit codes to gate deployments in GitHub Actions, GitLab CI, or any pipeline.
How It Works
- Detect — Shieldbot profiles the repository (languages, package managers, git history)
- Scan — All applicable scanners run in parallel via
asyncio.gather() - Deduplicate — Findings are deduplicated by exact hash and proximity (±3 lines)
- Analyze — Claude synthesizes raw scanner output into prioritized findings with context
- Report — Structured output with executive summary, risk score, and remediation steps
Requirements
- Python 3.11+
- Claude Code (for plugin mode)
- External scanner tools are installed automatically as dependencies
Contributing
Issues and pull requests welcome at github.com/BalaSriharsha/shieldbot.
License
MIT — see LICENSE
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file shieldbot_mcp-1.0.2.tar.gz.
File metadata
- Download URL: shieldbot_mcp-1.0.2.tar.gz
- Upload date:
- Size: 36.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a87a29b99e14de173670849a09b1463a452c87da55f9595122e7731e4e060684
|
|
| MD5 |
a248657d60dfaaae7f85b907508674ed
|
|
| BLAKE2b-256 |
eaef659663e1682f88bc7af35f999216c9f0c33a5497a7c055c33a74ca26e06a
|
File details
Details for the file shieldbot_mcp-1.0.2-py3-none-any.whl.
File metadata
- Download URL: shieldbot_mcp-1.0.2-py3-none-any.whl
- Upload date:
- Size: 49.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ca6397e45e44747f0b8f222a80f2c70202015af6f70198df34594240a6d0eb11
|
|
| MD5 |
4ac051083aea139b51001585a2cd60fa
|
|
| BLAKE2b-256 |
0ea9e4580ffc2330f03c1836baa0791accd1430e262269e1dc4b23560dbb0488
|
