
MCP Vulnerability Checker Server

by firetix
REFACTORING_SUMMARY.md • 4.52 kB
# MCP Server Refactoring Summary

## 🎯 Objective Completed

Successfully refactored the MCP server from a monolithic structure into a clean, modular architecture and added new Python package vulnerability checking functionality.

## 📁 Project Structure Transformation

### Before (Monolithic)

```
mcp_simple_tool/
├── server.py (384 lines - everything in one file)
├── __init__.py
└── __main__.py

# Test files scattered in root directory
test_cve_lookup.py
test_*.py (various test scripts)
```

### After (Modular)

```
mcp_simple_tool/
├── server.py (190 lines - clean orchestration)
├── __init__.py
├── __main__.py
└── tools/ (organized tool modules)
    ├── __init__.py
    ├── cve_lookup.py (207 lines)
    ├── package_vulnerability.py (236 lines) ⭐ NEW
    └── website_fetch.py (68 lines)

tests/ (organized test suite)
├── __init__.py
├── run_tests.py (91 lines) ⭐ NEW
├── test_modular_server.py
├── test_cve_lookup.py
├── test_package_vulnerability.py ⭐ NEW
├── test_stdio.py (existing)
└── lookup_log4shell.py
```

## ✨ New Features Added

### 1. Python Package Vulnerability Checker (`package_vulnerability_check`)

- **Data Source**: OSV (Open Source Vulnerabilities) Database
- **Functionality**:
  - Checks Python packages from PyPI for known vulnerabilities
  - Supports specific version checking or all versions
  - Provides detailed vulnerability reports including:
    - CVSS scores and severity levels
    - Affected version ranges
    - Fix information and references
    - Package metadata from PyPI

### 2. Enhanced Test Suite

- **Test Runner**: Automated test execution with `tests/run_tests.py`
- **Organized Tests**: All tests moved to `tests/` directory
- **Import Management**: Proper path handling for all test files
- **Comprehensive Coverage**: Tests for all tool modules

## 🔧 Tools Available

| Tool | Purpose | Status |
|------|---------|--------|
| `cve_lookup` | CVE vulnerability lookup from NVD | ✅ Refactored |
| `package_vulnerability_check` | Python package security check | ⭐ NEW |

## 📊 Code Organization Benefits

### Maintainability

- **Separation of Concerns**: Each tool in its own module
- **Clear Dependencies**: Explicit imports and exports
- **Focused Functionality**: Single responsibility per module

### Extensibility

- **Easy Tool Addition**: Clear pattern for new tools
- **Modular Testing**: Individual tool testing capability
- **Documentation**: Comprehensive README and examples

### Code Quality

- **Reduced Complexity**: Main server file reduced from 384 to 190 lines
- **Type Hints**: Proper typing throughout modules
- **Error Handling**: Comprehensive error management per tool
- **Reusability**: Tools can be imported and used independently

## 🧪 Testing

### Test Execution

```bash
# Run all tests
python tests/run_tests.py

# Individual tests
python tests/test_modular_server.py
python tests/test_package_vulnerability.py
python tests/test_cve_lookup.py
```

### Test Results

✅ All tests passing with comprehensive coverage:

- Modular server structure validation
- CVE lookup functionality (e.g., Log4Shell)
- Package vulnerability checking (e.g., requests, django)
- Error handling for invalid inputs

## 🚀 Usage Examples

### New Package Vulnerability Check

```python
# Check all versions of requests
await call_tool("package_vulnerability_check", {"package_name": "requests"})

# Check specific version
await call_tool("package_vulnerability_check", {
    "package_name": "django",
    "version": "3.2.0"
})
```

### Existing CVE Lookup (Improved)

```python
await call_tool("cve_lookup", {"cve_id": "CVE-2021-44228"})
```

## 📈 Future Extensibility

The modular architecture enables easy addition of new security tools:

1. **New Tool Creation**: Add module in `mcp_simple_tool/tools/`
2. **Export Registration**: Update `tools/__init__.py`
3. **Server Integration**: Register in `server.py`
4. **Test Coverage**: Add tests in `tests/`

## 🎉 Success Metrics

- ✅ **Modularity**: Monolithic code split into focused modules
- ✅ **New Functionality**: Python package vulnerability checking added
- ✅ **Clean Structure**: Tests organized in dedicated directory
- ✅ **Maintainability**: Clear separation of concerns
- ✅ **Documentation**: Comprehensive README and examples
- ✅ **Testing**: Full test coverage with automated runner
- ✅ **Extensibility**: Clear patterns for future tool additions
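The `package_vulnerability_check` tool described under New Features uses OSV as its data source. The sketch below is an added example, not code from this project: it shows the shape of an OSV `POST /v1/query` request for a PyPI package and how a response reduces to severity vectors and fixed versions. The function names and the sample response are assumptions constructed for illustration, and no network call is made.

```python
import json

OSV_QUERY_URL = "https://api.osv.dev/v1/query"  # public OSV query endpoint


def build_osv_query(package_name, version=None):
    """Body for POST /v1/query. Omitting version asks about all versions."""
    query = {"package": {"name": package_name, "ecosystem": "PyPI"}}
    if version:
        query["version"] = version
    return query


def summarize_osv_response(response):
    """Reduce an OSV response to id, aliases, severity vectors, fixed versions."""
    findings = []
    # OSV answers with an empty object when nothing matches, so "vulns" may be absent.
    for vuln in response.get("vulns", []):
        fixed = sorted({  # sorted only for stable output, not true version order
            event["fixed"]
            for affected in vuln.get("affected", [])
            for rng in affected.get("ranges", [])
            for event in rng.get("events", [])
            if "fixed" in event
        })
        findings.append({
            "id": vuln["id"],
            "aliases": vuln.get("aliases", []),
            "severity": [s["score"] for s in vuln.get("severity", [])],
            "fixed_in": fixed,
        })
    return findings


# Constructed sample response with placeholder identifiers, not a real advisory.
SAMPLE_RESPONSE = json.loads("""
{"vulns": [{
  "id": "EXAMPLE-0000-0001",
  "aliases": ["CVE-0000-00000"],
  "severity": [{"type": "CVSS_V3",
                "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],
  "affected": [{
    "package": {"name": "examplepkg", "ecosystem": "PyPI"},
    "ranges": [{"type": "ECOSYSTEM",
                "events": [{"introduced": "0"}, {"fixed": "1.2.3"}]}]
  }]
}]}
""")

if __name__ == "__main__":
    print(json.dumps(build_osv_query("examplepkg", "1.0.0")))
    print(summarize_osv_response(SAMPLE_RESPONSE))
    print(summarize_osv_response({}))
```
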
