# AI Security Scanner MCP
World's first comprehensive agentic AI security scanner (27 agents covering 100% OWASP ASI + LLM) available as a simple one-command MCP integration with Claude Code.
## 🚀 Quick Installation
```bash
claude mcp add ai-security-scanner uvx ai-security-mcp
```
That's it! The scanner is now integrated with Claude Code and ready to use.
## ✨ Features
- **27 Specialized Security Agents**: 17 OWASP ASI + 10 OWASP LLM agents
- **100% OWASP Coverage**: Complete Agentic Security Interface and LLM coverage
- **Local Processing**: No cloud dependencies for basic scanning
- **Lightning Fast**: Sub-second scan times for most repositories
- **Comprehensive Detection**: Memory poisoning, tool misuse, prompt injection, and more
- **Native Claude Integration**: Seamless MCP protocol integration
## 🔍 Supported Vulnerabilities
### OWASP ASI (Agentic Security Interface) - 17 Agents
- ASI01: Memory Poisoning
- ASI02: Tool Misuse
- ASI03: Privilege Compromise
- ASI04: Resource Overload
- ASI05: Cascading Hallucination Attacks
- ASI06: Intent Breaking Goal Manipulation
- ASI07: Misaligned Deceptive Behaviors
- ASI08: Repudiation Untraceability
- ASI09: Identity Spoofing Impersonation
- ASI10: Overwhelming Human in the Loop
- ASI11: Unexpected RCE Code Attacks
- ASI12: Agent Communication Poisoning
- ASI13: Rogue Agents MultiAgent Systems
- ASI14: Human Attacks MultiAgent Systems
- ASI15: Human Manipulation
- ASI16: Insecure InterAgent Protocol Abuse
- ASI17: Vulnerable Agentic Supply Chain
### OWASP LLM Top 10 - 10 Agents
- LLM01: Prompt Injection
- LLM02: Insecure Output Handling
- LLM03: Training Data Poisoning
- LLM04: Model Denial of Service
- LLM05: Supply Chain Vulnerabilities
- LLM06: Sensitive Information Disclosure
- LLM07: Insecure Plugin Design
- LLM08: Excessive Agency
- LLM09: Overreliance
- LLM10: Model Theft
## 📖 Usage
After installation, simply ask Claude Code to scan your code:
### Basic Repository Scan
```
Scan this repository for agentic AI vulnerabilities
```
### Targeted Analysis
```
Use the AI Security Scanner to check for prompt injection vulnerabilities in this code:
[your code here]
```
### Agent Information
```
List all available security agents in the AI Security Scanner
```
### Demo Scan
```
Run a demo scan to see the AI Security Scanner in action
```
## 🎯 Example Output
```
🔍 AI Security Scan Results
📊 Summary:
- Agents Run: 27/27
- Vulnerabilities Found: 14
- Critical: 7, High: 7, Medium: 0, Low: 0
- Scan Time: 96ms
🚨 Critical Vulnerabilities:
1. ASI01 Memory Poisoning - Vector store integrity validation missing
2. ASI02 Tool Misuse - No tool access control policies detected
3. ASI04 Resource Overload - No recursion depth limits configured
4. ASI06 Intent Breaking - Missing intent safety guardrails
🛠️ Remediation guidance provided for all findings
```
## 🏗️ Architecture
The AI Security Scanner MCP follows the same simple pattern as Semgrep:
1. **One-Command Installation**: `uvx ai-security-mcp` handles all dependencies
2. **Stdio Transport**: Direct JSON-RPC communication with Claude Code
3. **Local Processing**: All 27 agents run locally for privacy and speed
4. **Zero Configuration**: Works immediately without setup files
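To make the "stdio transport, JSON-RPC" step concrete, here is a minimal dispatcher in the shape an MCP server such as this one uses when Claude Code launches it: newline-delimited JSON-RPC on stdin/stdout, an `initialize` handshake, `tools/list`, and `tools/call`. This is an added illustration, not the project's code. Only the `list_agents` and `health_check` tools named in this README are modelled (their output text, the `inputSchema` values, the `serverInfo` and the protocol revision string are assumptions); the agent names are the 27 listed above.

```python
"""Minimal stdio JSON-RPC dispatcher in the MCP server shape (added example).
Not ai-security-mcp's own code: tool names come from the README, everything
else (handler output, schemas, protocol revision) is an assumption."""
import json
import sys
from typing import Optional

PROTOCOL_VERSION = "2024-11-05"  # assumed MCP protocol revision
SERVER_INFO = {"name": "ai-security-scanner-demo", "version": "0.0.0"}  # illustrative

# Agent names as listed in the README; ids are derived from list position.
ASI_NAMES = [
    "Memory Poisoning", "Tool Misuse", "Privilege Compromise", "Resource Overload",
    "Cascading Hallucination Attacks", "Intent Breaking Goal Manipulation",
    "Misaligned Deceptive Behaviors", "Repudiation Untraceability",
    "Identity Spoofing Impersonation", "Overwhelming Human in the Loop",
    "Unexpected RCE Code Attacks", "Agent Communication Poisoning",
    "Rogue Agents MultiAgent Systems", "Human Attacks MultiAgent Systems",
    "Human Manipulation", "Insecure InterAgent Protocol Abuse",
    "Vulnerable Agentic Supply Chain",
]
LLM_NAMES = [
    "Prompt Injection", "Insecure Output Handling", "Training Data Poisoning",
    "Model Denial of Service", "Supply Chain Vulnerabilities",
    "Sensitive Information Disclosure", "Insecure Plugin Design",
    "Excessive Agency", "Overreliance", "Model Theft",
]
AGENTS = [{"id": f"ASI{i:02d}", "name": n} for i, n in enumerate(ASI_NAMES, 1)] + \
         [{"id": f"LLM{i:02d}", "name": n} for i, n in enumerate(LLM_NAMES, 1)]

# Only the two tools that need no scanning engine are modelled here.
TOOLS = [
    {"name": "list_agents", "description": "List all 27 security agents and capabilities",
     "inputSchema": {"type": "object", "properties": {}}},
    {"name": "health_check", "description": "Check server and agent status",
     "inputSchema": {"type": "object", "properties": {}}},
]


def _result(req_id, result):
    return {"jsonrpc": "2.0", "id": req_id, "result": result}


def _error(req_id, code, message):
    return {"jsonrpc": "2.0", "id": req_id, "error": {"code": code, "message": message}}


def call_tool(name: str, arguments: dict) -> dict:
    """Run a tool and wrap its output the way MCP tools/call results are shaped."""
    if name == "list_agents":
        text = "\n".join(f"{a['id']}: {a['name']}" for a in AGENTS)
    elif name == "health_check":
        text = json.dumps({"status": "ok", "agents_loaded": len(AGENTS)})
    else:
        # Unknown tool: report inside the result so the client surfaces it to the model.
        return {"content": [{"type": "text", "text": f"unknown tool: {name}"}], "isError": True}
    return {"content": [{"type": "text", "text": text}], "isError": False}


def handle_message(msg: dict) -> Optional[dict]:
    """Dispatch one JSON-RPC message; notifications (no id) get no response."""
    method = msg.get("method")
    req_id = msg.get("id")
    if method == "initialize":
        return _result(req_id, {"protocolVersion": PROTOCOL_VERSION,
                                "capabilities": {"tools": {}},
                                "serverInfo": SERVER_INFO})
    if method == "notifications/initialized":
        return None
    if method == "tools/list":
        return _result(req_id, {"tools": TOOLS})
    if method == "tools/call":
        params = msg.get("params") or {}
        return _result(req_id, call_tool(params.get("name", ""), params.get("arguments") or {}))
    if req_id is None:
        return None  # unknown notification: ignore silently
    return _error(req_id, -32601, f"method not found: {method}")


def serve_stdio() -> None:
    """Newline-delimited JSON over stdin/stdout: the MCP stdio transport framing."""
    for line in sys.stdin:
        line = line.strip()
        if not line:
            continue
        try:
            msg = json.loads(line)
        except json.JSONDecodeError:
            reply = _error(None, -32700, "parse error")
        else:
            reply = handle_message(msg)
        if reply is not None:
            sys.stdout.write(json.dumps(reply) + "\n")
            sys.stdout.flush()


def scripted_exchange() -> list:
    """Startup sequence a client sends, in order, with each reply (None for notifications)."""
    client_msgs = [
        {"jsonrpc": "2.0", "id": 1, "method": "initialize",
         "params": {"protocolVersion": PROTOCOL_VERSION, "capabilities": {},
                    "clientInfo": {"name": "claude-code", "version": "x"}}},
        {"jsonrpc": "2.0", "method": "notifications/initialized"},
        {"jsonrpc": "2.0", "id": 2, "method": "tools/list"},
        {"jsonrpc": "2.0", "id": 3, "method": "tools/call",
         "params": {"name": "list_agents", "arguments": {}}},
    ]
    return [handle_message(m) for m in client_msgs]


if __name__ == "__main__":
    serve_stdio()
```

Run it directly and paste the four messages from `scripted_exchange()` one per line to watch the handshake; a client registered with `claude mcp add` talks to a real server in exactly this framing, which is why a stdio MCP server inherits the file and network permissions of whatever user launched Claude Code.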
## 🔧 Advanced Usage
### Available MCP Tools
- `scan_repository` - Scan local repository or files
- `list_agents` - List all 27 security agents and capabilities
- `demo_scan` - Run demonstration with vulnerable code samples
- `health_check` - Check server and agent status
### Custom Agent Selection
```
Scan this code using only memory poisoning and tool misuse agents
```
### Output Formats
- `summary` - Executive summary with key findings (default)
- `detailed` - Complete vulnerability details with evidence
- `json` - Machine-readable format for automation
## 🚀 Performance
- **Installation Time**: < 10 seconds
- **First Scan**: < 30 seconds for typical repositories
- **Memory Usage**: < 500MB during scanning
- **Agent Execution**: Parallel processing for maximum speed
## 🛡️ Privacy & Security
- **Local Processing**: No data sent to external servers
- **Read-Only Access**: Scanner cannot modify your files
- **Zero Telemetry**: No usage tracking or data collection
- **Open Source**: Transparent security analysis
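These claims are worth checking rather than taking on trust: this section says no data leaves the machine, while the package's own PyPI summary (in the metadata further down this page) describes it as a thin client that connects to cloud-hosted agents. The following added example, not part of the project, shows the pre-install audit a practitioner would run on the downloaded wheel: verify its SHA-256 against the digest published on the PyPI page, then inspect every Python module inside for network-capable imports and URL literals. The published filename and digest are the page's; the module list, the sample wheel and its contents are constructed for an offline demonstration.

```python
"""Pre-install audit of a Python wheel before registering it as an MCP server
(added example, not ai-security-mcp's code): verify the published digest, then
look for network-capable imports and URL literals in the packaged modules."""
import ast
import hashlib
import io
import json
import re
import sys
import zipfile
from typing import Dict, List

# Published values for the wheel, copied from the PyPI record on this page.
PUBLISHED_WHEEL = "ai_security_mcp-1.0.0-py3-none-any.whl"
PUBLISHED_SHA256 = "bf3fc2101a3528cbc67b44772d79c276f81c4bc1214b98bd9f952e9426c91569"

# Assumed watch-list: modules whose presence means the code can open outbound connections.
NETWORK_MODULES = {"socket", "http", "http.client", "urllib", "urllib.request",
                   "requests", "httpx", "aiohttp", "websockets", "ssl"}
URL_RE = re.compile(rb"https?://[^\s'\"<>]+")


def sha256_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def network_imports(source: str) -> List[str]:
    """Return imported module names that are in NETWORK_MODULES (top-level or dotted)."""
    found = set()
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return ["<unparseable>"]
    for node in ast.walk(tree):
        names = []
        if isinstance(node, ast.Import):
            names = [a.name for a in node.names]
        elif isinstance(node, ast.ImportFrom) and node.module:
            names = [node.module]
        for n in names:
            if n in NETWORK_MODULES or n.split(".")[0] in NETWORK_MODULES:
                found.add(n)
    return sorted(found)


def audit_wheel(wheel_bytes: bytes, expected_sha256: str) -> Dict[str, object]:
    """Check the digest, then scan every .py member for network imports and URL literals."""
    report: Dict[str, object] = {
        "digest_ok": sha256_of(wheel_bytes) == expected_sha256.lower(),
        "network_imports": {},  # member path -> list of modules
    }
    urls = set()
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        for member in zf.namelist():
            data = zf.read(member)
            for m in URL_RE.findall(data):
                urls.add(m.decode("ascii", "replace"))
            if member.endswith(".py"):
                hits = network_imports(data.decode("utf-8", "replace"))
                if hits:
                    report["network_imports"][member] = hits
    report["urls"] = sorted(urls)
    # A "no data sent to external servers" claim is only plausible if nothing can connect.
    report["local_only_claim_consistent"] = not report["network_imports"]
    return report


def build_sample_wheel() -> bytes:
    """Constructed stand-in wheel for the offline demo (not the real package)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo_pkg/__init__.py", "")
        zf.writestr("demo_pkg/client.py",
                    "import httpx\nAPI = 'https://example.invalid/scan'\n"
                    "def scan(code):\n    return httpx.post(API, json={'code': code})\n")
        zf.writestr("demo_pkg/local.py", "import json\ndef parse(s):\n    return json.loads(s)\n")
    return buf.getvalue()


if __name__ == "__main__":
    # Usage: python audit_wheel.py path/to/ai_security_mcp-1.0.0-py3-none-any.whl
    # Without an argument the constructed sample wheel is audited instead.
    path = sys.argv[1] if len(sys.argv) > 1 else None
    blob = open(path, "rb").read() if path else build_sample_wheel()
    print(json.dumps(audit_wheel(blob, PUBLISHED_SHA256), indent=2))
```

Against the constructed sample the report flags `demo_pkg/client.py` for `httpx` and lists the endpoint URL, so `local_only_claim_consistent` is false; a wheel that genuinely processes everything locally should produce an empty `network_imports` map. A static import check is a first pass only: monitoring outbound connections while the server runs (for example with the host firewall in log mode) is the complementary runtime check.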
## 🐛 Troubleshooting
### Installation Issues
```bash
# Verify uvx is available
uvx --version
# Check Claude Code MCP status
/mcp
```
### Scanner Not Found
Ensure the MCP server is properly registered:
```bash
claude mcp list
```
You should see `ai-security-scanner` in the list.
### No Scan Results
Try the demo scan first:
```
Run a demo scan with the AI Security Scanner
```
## 📚 Documentation
- **Full Documentation**: https://ai-threat-scanner.com/docs
- **OWASP ASI Specification**: https://owasp.org/www-project-ai-security-and-privacy-guide/
- **Bug Reports**: https://github.com/ai-security-scanner/ai-security-mcp/issues
## 🤝 Contributing
We welcome contributions! Please see our contributing guidelines and code of conduct.
## 📄 License
MIT License - see LICENSE file for details.
## 🔗 Links
- **Website**: https://ai-threat-scanner.com
- **GitHub**: https://github.com/ai-security-scanner/ai-security-mcp
- **PyPI**: https://pypi.org/project/ai-security-mcp/
- **Claude Code**: https://claude.ai/code
## Raw data
{
"_id": null,
"home_page": "https://github.com/ai-security-scanner/ai-security-mcp",
"name": "ai-security-mcp",
"maintainer": "AI Security Team",
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "security@ai-threat-scanner.com",
"keywords": "security, ai, agentic, llm, owasp, vulnerability, scanner, mcp, claude, claude-code, agent, multi-agent, asi, prompt-injection, cybersecurity, devsecops, static-analysis, security-testing",
"author": "AI Security Team",
"author_email": "security@ai-threat-scanner.com",
"download_url": "https://files.pythonhosted.org/packages/d4/19/8587a0a60e34e855394382f7130abfb58014e1dc1b1434c8dc58a97e7695/ai_security_mcp-1.0.0.tar.gz",
"platform": "any",
"description": "(README text, identical to the rendered README above)",
"bugtrack_url": null,
"license": "MIT",
"summary": "Thin client MCP server for AI Security Scanner - connects to cloud-hosted 27 agents (100% OWASP coverage)",
"version": "1.0.0",
"project_urls": {
"Bug Reports": "https://github.com/ai-security-scanner/ai-security-mcp/issues",
"Documentation": "https://ai-threat-scanner.com/docs",
"Homepage": "https://github.com/ai-security-scanner/ai-security-mcp",
"Source": "https://github.com/ai-security-scanner/ai-security-mcp"
},
"split_keywords": [
"security",
" ai",
" agentic",
" llm",
" owasp",
" vulnerability",
" scanner",
" mcp",
" claude",
" claude-code",
" agent",
" multi-agent",
" asi",
" prompt-injection",
" cybersecurity",
" devsecops",
" static-analysis",
" security-testing"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "aa0c53d5eca6fb9052b5f54e7680d557ac5a174133b17eba000f8ce7221311a1",
"md5": "4a4e702a21033b721a0cae0ff85e3ec0",
"sha256": "bf3fc2101a3528cbc67b44772d79c276f81c4bc1214b98bd9f952e9426c91569"
},
"downloads": -1,
"filename": "ai_security_mcp-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "4a4e702a21033b721a0cae0ff85e3ec0",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 10701,
"upload_time": "2025-09-05T00:08:15",
"upload_time_iso_8601": "2025-09-05T00:08:15.151024Z",
"url": "https://files.pythonhosted.org/packages/aa/0c/53d5eca6fb9052b5f54e7680d557ac5a174133b17eba000f8ce7221311a1/ai_security_mcp-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "d4198587a0a60e34e855394382f7130abfb58014e1dc1b1434c8dc58a97e7695",
"md5": "89f09b8c1c684fca116591fc894dfd6a",
"sha256": "a8a132a0d52d28f8eec2166e19f9394109da47508ced1ac2f60719ed9fcd7b13"
},
"downloads": -1,
"filename": "ai_security_mcp-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "89f09b8c1c684fca116591fc894dfd6a",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 13061,
"upload_time": "2025-09-05T00:08:16",
"upload_time_iso_8601": "2025-09-05T00:08:16.124050Z",
"url": "https://files.pythonhosted.org/packages/d4/19/8587a0a60e34e855394382f7130abfb58014e1dc1b1434c8dc58a97e7695/ai_security_mcp-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-09-05 00:08:16",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ai-security-scanner",
"github_project": "ai-security-mcp",
"github_not_found": true,
"lcname": "ai-security-mcp"
}