Glama
259,722 tools. Last updated 2026-07-05 02:33

"A server that scans projects for security vulnerabilities and recommends fixes" matching MCP tools:

  • Scan codebases for security vulnerabilities with deterministic checks and graph-aware severity scoring. Detects CVEs, injection, secrets, XSS, and more, returning prioritized findings with attack scenarios and fixes.
    Business Source 1.1
  • Scan a repository for security vulnerabilities before deploy or release. Use as a baseline security pass to identify issues.
    MIT
  • Scans Conan projects or specific packages for security vulnerabilities using the audit.conan.io service, analyzing transitive dependencies when a path is provided or a single reference for targeted audits.
    MIT
  • Audit a server for security vulnerabilities across 31 categories and 449 checks, returning a score and quick wins.
    Apache 2.0
  • Analyze a Git repository for 14 security vulnerability classes, including prompt injection and secret exposure, before running it as an MCP server.
    MIT

Matching MCP Servers

Matching MCP Connectors

  • Scan a SKILL.md file for security vulnerabilities. Analyzes against 61 rules covering instruction override, capability abuse, and prompt injection.
    MIT
  • Scans infrastructure as code files (Dockerfiles, Kubernetes manifests, Terraform configs) for security vulnerabilities using Symbiotic CLI, creating temporary files and cleaning up without affecting the workspace.
    MIT
  • Query ZoomEye's vulnerability database by keyword to retrieve detailed security vulnerabilities including CVE IDs, severity, and affected versions for specific products or vendors.
    MIT
  • Apply safe auto-fixes to a server: audit, filter safe fixes, create backup, apply fixes, and re-audit for score delta. Preview only by default; excludes SSH, firewall, and Docker.
    Apache 2.0
  • Enables continuous vulnerability monitoring for a project by scanning lockfiles, recording a baseline, and alerting on new vulnerabilities discovered after registration.
    MIT
  • Audit Rust smart contracts for security vulnerabilities with automated framework detection. Analyzes source code or GitHub URLs and returns a severity-graded report with root cause analysis and fixes.
    MIT
  • Scan code for vulnerabilities, apply only verifiably resolved fixes, and receive a definition-of-done gate to confirm security patches are effective.
    Apache 2.0
  • Retrieve the CISA Known Exploited Vulnerabilities catalog to identify actively exploited security flaws. Returns daily-updated data with quality scoring and source verification for security auditing.
  • Scan prompt template files to find prompt injection and unsafe interpolation risks, catching vulnerabilities that package scans miss.
    Apache 2.0
  • Analyze smart contracts for security vulnerabilities, exploit patterns, and rug-pull signals to assess risks before interacting with unfamiliar contracts.
    MIT
  • Scan SKILL.md packages and agent tool definitions for security vulnerabilities including tool poisoning, command injection, data exfiltration, and prompt injection. Maps findings to OWASP Agentic and MCP Top 10.
    Apache 2.0