Skip to main content
Glama
shakiltousif

http-security-headers-mcp

by shakiltousif

http-security-headers-mcp

Analyze and score HTTP security headers (CSP, HSTS, CORS, cookies) with actionable fix recommendations for web applications.

Available on MCPize

Tools

Tool

Description

scan_headers

Fetch a URL and analyze all security headers. Returns A+ to F grade with findings.

score_headers

Score a set of headers you provide. Returns grade and per-header breakdown.

analyze_csp

Deep analysis of a Content-Security-Policy header. Detects unsafe sources and bypass risks.

generate_headers

Generate recommended security headers config for Express, Next.js, nginx, Apache, Cloudflare, or Vercel.

Related MCP server: mcp-api-tools

Quick Start

npx -y mcpize connect @shakiltousif/http-security-headers-mcp --client claude

Or visit: mcpize.com/mcp/http-security-headers-mcp

Per-client install

Claude:    claude mcp add --transport http http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Cursor:    cursor mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Windsurf:  windsurf mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp

JSON Config (manual setup)

{
  "mcpServers": {
    "http-security-headers-mcp": {
      "url": "https://http-security-headers-mcp.mcpize.run/mcp"
    }
  }
}

Run Locally

npm install
mcpize dev              # Start dev server with hot reload
mcpize dev --playground # Interactive testing in your browser

Server runs at http://localhost:3000/mcp

Development

mcpize dev         # Development mode (port 3000, hot reload, loads .env)
npm run build      # Compile TypeScript
npm test           # Run unit tests (26 tests)
bash test-mcp.sh   # MCP protocol smoke test (14 checks)
npm start          # Run compiled server (port 8080)

Deploy

mcpize login                # Authenticate (opens browser)
mcpize deploy               # Ship it!

Project Structure

src/
  index.ts          # Express + MCP server setup, tool registration
  tools.ts          # Pure business logic (header analysis, scoring, CSP parsing)
tests/
  tools.test.ts     # Unit tests (vitest)
test-mcp.sh         # MCP protocol smoke test
mcpize.yaml         # MCPize deployment config
Dockerfile          # Production container build

License

MIT

F
license - not found
-
quality - not tested
D
maintenance

Maintenance

Maintainers
Response time
Release cycle
Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/shakiltousif/http-security-headers-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server