Server Details
Scan GitHub-hosted AI skills for vulnerabilities: prompt injection, malware, OWASP LLM Top 10.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
- Repository
- securityscan-api/securityscan-api
- GitHub Stars
- 0
See and control every tool call
Available Tools
3 toolscheck_certificationInspect
Check if a skill has been certified as safe.
Certification indicates the skill has been scanned, reviewed,
and approved by a human administrator. Certified skills have
a cryptographic hash that can be verified. Does not consume scan credits.
Args:
skill_url: The skill URL to check certification for
Returns:
CertificationResult indicating if the skill is certified,
along with certification details if available.
Example:
check_certification("https://github.com/anthropics/anthropic-cookbook")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
get_reportInspect
Get the public security report for a skill.
Returns the most recent scan results and certification status.
This is useful to check if a skill has been previously scanned
without triggering a new scan. Does not consume scan credits.
Args:
skill_url: The skill URL to get the report for
Returns:
ReportResult with score, certification status, and issues summary.
Returns error if no report exists for this URL.
Example:
get_report("https://github.com/jlowin/fastmcp")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
scan_skillInspect
Scan a GitHub repository or skill URL for security vulnerabilities.
This tool performs static analysis and AI-powered detection to identify:
- Hardcoded credentials and API keys
- Remote code execution patterns
- Data exfiltration attempts
- Privilege escalation risks
- OWASP LLM Top 10 vulnerabilities
Requires a valid X-API-Key header. Cached results (24h) do not consume credits.
Args:
skill_url: GitHub repository URL (e.g., https://github.com/owner/repo)
or raw file URL to scan
Returns:
ScanResult with security score (0-100), recommendation, and detected issues.
Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS.
Example:
scan_skill("https://github.com/anthropics/anthropic-sdk-python")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
Verify Ownership
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [
{
"email": "your-email@example.com"
}
]
}The email address must match the email associated with your Glama account. Once verified, the connector will appear as claimed by you.
Sign in to verify ownershipControl your server's listing on Glama, including description and metadata
Receive usage reports showing how your server is being used
Get monitoring and health status updates for your server
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!
Your Connectors
Sign in to create a connector for this server.