We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/norandom/ragflow-claude-desktop-local-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server
name: "Bandit Security Scan"
on:
push:
branches: [ "main", "master" ]
pull_request:
branches: [ "main", "master" ]
schedule:
- cron: '0 6 * * 2' # Weekly on Tuesdays at 6 AM UTC
jobs:
bandit:
name: Security Analysis with Bandit
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install bandit[toml]
- name: Run Bandit security scan
run: |
bandit -r src/ -f json -o bandit-report.json
bandit -r src/ -f txt
- name: Upload Bandit scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: bandit-report.sarif
continue-on-error: true
- name: Convert Bandit JSON to SARIF
if: always()
run: |
pip install bandit[sarif]
bandit -r src/ -f sarif -o bandit-report.sarif
- name: Upload SARIF results
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: bandit-report.sarif
- name: Upload Bandit report as artifact
uses: actions/upload-artifact@v4
if: always()
with:
name: bandit-security-report
path: bandit-report.*
retention-days: 30