vibescan-mcp-server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@vibescan-mcp-serverscan this project for secrets and security issues"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
vibescan-mcp-server
mcp-name: io.github.Aguantar/vibescan-mcp-server
MCP server for VibeScan — scan projects for leaked secrets and security issues directly from Claude Code.
Features
vibescan_scan— Scan a project for secrets, dangerous patterns, and git hygiene issuesvibescan_rules— List all 17 detection rules
What VibeScan detects
14 secret categories: env files, config hardcodes, cloud credentials, Docker/infra, CI/CD pipelines, IDE settings, SSH keys, hardcoded patterns, frontend env vars, data files, doc secrets, mobile files, system configs, editor remnants
Dangerous code patterns: eval(), exec(), shell injection, SQL injection, pickle, innerHTML
Git hygiene: missing .gitignore, unignored .env/.pem/.key files
All scanning runs locally — your code never leaves your machine.
Installation
pip install vibescan-mcp-serverUsage with Claude Code
Add to your .mcp.json:
{
"mcpServers": {
"vibescan": {
"command": "vibescan-mcp-server"
}
}
}Then ask Claude: "scan this project for security issues" or "check for leaked secrets".
License
MIT
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Aguantar/vibescan-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server