nowsecure-mcp-server
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| NOWSECURE_TOKEN | Yes | Your personal NowSecure Platform API bearer token (PAT). Required. | |
| NOWSECURE_API_BASE | No | Base URL for the NowSecure API. Optional, defaults to https://api.nowsecure.com. | https://api.nowsecure.com |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| list_applicationsA | List applications in your NowSecure portfolio (REST /v2/portfolio/applications). Use to discover app refs and the latest assessment per app. |
| get_remediation_findingsA | Pull findings that need remediation for an assessment, as structured JSON. Bypasses the broken NowSecure UI PDF renderer by querying GraphQL directly. Returns only open findings that require remediation (status detected/fail/open), filtered by severity (default: blocker, critical, high, medium). Passed and dismissed findings are excluded. |
| generate_remediation_pdfA | Generate a clean remediation PDF locally from NowSecure findings (rendered by this server, NOT NowSecure's broken report service). Includes only open findings requiring remediation (default severities: blocker, critical, high, medium). Guaranteed to work even when the UI/REST PDF export fails. The server auto-names the file as [App_Name]NowSecure_report[yyyy-MM-dd_HHmmss].pdf when given outputDir + appName. |
| run_graphqlA | Run an arbitrary GraphQL query/mutation against the NowSecure Platform API. Escape hatch for schema introspection and custom queries. |
| download_assessment_pdfA | Attempt to download NowSecure's own PDF via the REST report endpoint (/report/assessment/ref/{ref}.pdf). This is a different code path than the broken UI export and may succeed. Falls back gracefully with an error if NowSecure's renderer also fails. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/tatavarthitarun/nowsecure-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server