Enables configuration of MobSF API credentials and endpoint URLs through environment variables loaded from a .env file
Integrates with GitHub for downloading the MCP typescript SDK dependency required for server operation
Used for managing dependencies and running the MCP server through npm commands like 'npx tsx'
Powers the server implementation through TypeScript, with the server being executed via the tsx runtime
๐กMobSF MCP Tool
This is an MCP (Model Context Protocol) compatible tool that allows MobSF (Mobile Security Framework) to scan APK and IPA files directly via Claude, 5ire, or any MCP-capable client.
Prerequisites
MobSF should be installed( and running ) on the system.
Download the MCP typescript sdk and rename the folder to sdk.
npm should be installed on the system
๐ Features
Supports APK and IPA file scanning
Uses MobSF's REST API to:
๐๏ธ Installation
Clone the repo and install dependencies:
Troubleshooting
Go inside mobsf server directory and run 'npx tsx server.ts'. Install any missing npm dependency if any.
๐ Setup
Copy the .env.example to .env:
cp .env.example .env
Edit .env to include your MobSF API key:
โถ๏ธ Run the Server
Add the configuration settings shown at the end for claude AI desktop app, it will automatically run the server.
Make sure your MobSF server is running locally at http://localhost:8000.
๐งฒ Example Input
The server exposes tool scanFile . So, use any MCP client to try the following prompt scan or scan . It will scan the IPA or APK file and will analyze the report(json) for you.
๐ Notes
Only .apk and .ipa file types are supported.
This tool avoids fetching large fields like raw strings or source code dumps to keep responses fast and compliant with Claude/5ire message limits.