ScanRook MCP Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@ScanRook MCP ServerScan node:20-alpine for vulnerabilities"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
ScanRook MCP Server
An MCP (Model Context Protocol) server that gives AI assistants vulnerability scanning capabilities via ScanRook.
Tools
Tool | Description |
| Scan a Docker/OCI image for vulnerabilities |
| Check scan progress and results |
| Get detailed vulnerability findings |
| Look up a specific CVE |
| List recent scans |
| Check license compliance |
| Compare findings between two scans |
| Check a package for known vulnerabilities |
Related MCP server: Veracode MCP
Setup
Install
npm install -g scanrook-mcpConfigure
Set your ScanRook API key:
export SCANROOK_API_KEY="your-api-key"
export SCANROOK_API_URL="https://scanrook.io" # optional, defaults to scanrook.ioUse with Claude Code
Add to your Claude Code MCP settings:
{
"mcpServers": {
"scanrook": {
"command": "scanrook-mcp",
"env": {
"SCANROOK_API_KEY": "your-api-key"
}
}
}
}Use with Claude Desktop
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"scanrook": {
"command": "npx",
"args": ["scanrook-mcp"],
"env": {
"SCANROOK_API_KEY": "your-api-key"
}
}
}
}Examples
Once connected, you can ask your AI assistant:
"Scan nginx:1.27 for vulnerabilities"
"What's the status of my last scan?"
"Show me the critical findings"
"Is CVE-2024-0727 in my image?"
"Check if lodash 4.17.20 has any known vulnerabilities"
"Compare my latest scan with last week's scan"
"Analyze the licenses in my last scan"
Environment Variables
Variable | Default | Description |
| (required) | Your ScanRook API key |
|
| ScanRook API base URL |
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/devinshawntripp/scanrook-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server