SecurityScan
Server Details
Scan GitHub-hosted AI skills for vulnerabilities: prompt injection, malware, OWASP LLM Top 10.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
- Repository
- securityscan-api/securityscan-api
- GitHub Stars
- 0
- Server Listing
- securityscan
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Score is being calculated. Check back soon.
Available Tools
3 toolscheck_certificationAInspect
Check if a skill has been certified as safe.
Certification indicates the skill has been scanned, reviewed,
and approved by a human administrator. Certified skills have
a cryptographic hash that can be verified. Does not consume scan credits.
Args:
skill_url: The skill URL to check certification for
Returns:
CertificationResult indicating if the skill is certified,
along with certification details if available.
Example:
check_certification("https://github.com/anthropics/anthropic-cookbook")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| score | No | |
| cert_hash | No | |
| skill_url | Yes | |
| certified_at | No | |
| is_certified | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries full disclosure burden effectively. It explains certification semantics (human-reviewed, cryptographic hash verification) and cost behavior (no scan credits consumed). It also identifies the return type (CertificationResult), though it could mention error cases like invalid URLs.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description uses a structured format (initial statement, Args, Returns, Example) that is appropriately front-loaded. Information density is high with minimal redundancy, though the certification process explanation could be slightly more concise.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a single-parameter tool with an output schema, the description is complete. It explains what CertificationResult contains (certification status and details) without needing to replicate the full output schema, and adequately covers the certification domain concept.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Given 0% schema description coverage, the description compensates well by documenting the skill_url parameter in the Args section ('The skill URL to check certification for') and providing a concrete example value ('https://github.com/anthropics/anthropic-cookbook').
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool 'Check[s] if a skill has been certified as safe' with specific verb and resource. It implicitly distinguishes from sibling scan_skill by noting 'Does not consume scan credits,' though it doesn't explicitly contrast with get_report.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit behavioral guidance with 'Does not consume scan credits,' which strongly implies when to use this (for cost-free verification) versus scan_skill. However, it lacks explicit 'when-not-to-use' statements or direct comparisons to get_report.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
get_reportAInspect
Get the public security report for a skill.
Returns the most recent scan results and certification status.
This is useful to check if a skill has been previously scanned
without triggering a new scan. Does not consume scan credits.
Args:
skill_url: The skill URL to get the report for
Returns:
ReportResult with score, certification status, and issues summary.
Returns error if no report exists for this URL.
Example:
get_report("https://github.com/jlowin/fastmcp")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| score | Yes | |
| cert_hash | No | |
| certified | Yes | |
| skill_url | Yes | |
| certified_at | No | |
| issues_summary | Yes | Count of issues by severity |
| recommendation | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. Discloses credit consumption ('Does not consume scan credits'), error conditions ('Returns error if no report exists'), and output structure ('ReportResult with score, certification status, and issues summary').
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Uses structured docstring format (Args/Returns/Example) that front-loads key information. First two sentences establish purpose and return value. All sentences add unique value beyond structured data, though 'Returns:' appears redundantly before the Args section.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Complete for a single-parameter tool with output schema. Description covers return values ('ReportResult'), error states, sibling differentiation, and resource constraints despite the formal output schema existing.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 0% (only 'title': 'Skill Url'), requiring description compensation. Provides semantic meaning ('The skill URL to get the report for') and includes example value ('https://github.com/jlowin/fastmcp') demonstrating expected format.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Clear specific verb 'Get' + resource 'public security report' + scope 'for a skill'. Explicitly distinguishes from sibling tool 'scan_skill' by stating it returns existing results 'without triggering a new scan'.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicitly states when to use: 'check if a skill has been previously scanned without triggering a new scan'. Also provides critical usage constraint 'Does not consume scan credits', clearly contrasting resource consumption with likely sibling behavior.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
scan_skillAInspect
Scan a GitHub repository or skill URL for security vulnerabilities.
This tool performs static analysis and AI-powered detection to identify:
- Hardcoded credentials and API keys
- Remote code execution patterns
- Data exfiltration attempts
- Privilege escalation risks
- OWASP LLM Top 10 vulnerabilities
Requires a valid X-API-Key header. Cached results (24h) do not consume credits.
Args:
skill_url: GitHub repository URL (e.g., https://github.com/owner/repo)
or raw file URL to scan
Returns:
ScanResult with security score (0-100), recommendation, and detected issues.
Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS.
Example:
scan_skill("https://github.com/anthropics/anthropic-sdk-python")| Name | Required | Description | Default |
|---|---|---|---|
| skill_url | Yes |
Output Schema
| Name | Required | Description |
|---|---|---|
| score | Yes | Security score from 0-100 (higher is safer) |
| cached | Yes | Whether this result was from cache |
| issues | Yes | List of detected security issues |
| scan_id | Yes | Unique identifier for this scan |
| skill_url | Yes | URL that was scanned |
| issues_count | Yes | Number of security issues found |
| recommendation | Yes | SAFE, CAUTION, or DANGEROUS |
| scans_remaining | No | Remaining scans this month (null if unlimited) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. Excellently discloses: analysis methods (static + AI-powered), specific vulnerability categories (5 types including OWASP LLM Top 10), authentication requirements, caching behavior (24h TTL), and output interpretation (score thresholds for SAFE/CAUTION/DANGEROUS).
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with clear sections (purpose, vulnerability list, auth, caching, Args, Returns, Example). Front-loaded with main purpose. Slightly verbose due to vulnerability bullet list, but every element earns its place by providing necessary behavioral context.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Despite presence of output schema, description proactively explains return value semantics (ScanResult structure, 0-100 scoring rubric, risk thresholds). Combined with auth, caching, and parameter details, this provides complete context for a security scanning tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 0% (parameter lacks description), but description fully compensates via the Args section: specifies 'GitHub repository URL' or 'raw file URL' and provides concrete example (https://github.com/owner/repo). This adds essential semantic meaning absent from the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Excellent clarity: 'Scan a GitHub repository or skill URL for security vulnerabilities' provides specific verb (Scan), resource (GitHub repository/skill URL), and goal. The detailed vulnerability list (hardcoded credentials, RCE patterns, etc.) further distinguishes this from sibling tools check_certification and get_report.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides clear prerequisites ('Requires a valid X-API-Key header') and caching guidance ('Cached results (24h) do not consume credits') which informs when to invoke. However, lacks explicit differentiation from siblings (e.g., when to use get_report instead).
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!
Your Connectors
Sign in to create a connector for this server.