Generate a password policy document and validators (regex, JSON Schema, etc.) from your complexity constraints. Includes built-in compliance baselines such as NIST 800-63B and PCI DSS 4.0.
MIT
203,628 tools. Last updated 2026-06-14 19:34
"OWASP" matching MCP tools:
- Map security findings or observations to OWASP LLM Top 10 (2025) categories with rule-based keyword and regex matching, returning top matches with evidence snippets and confidence scores.MIT
- Analyzes Electron source code to detect dangerous patterns like shell.openExternal with user input, disabled webSecurity, and other OWASP-style vulnerabilities specific to Electron.MIT
- Scan MCP servers from registry or repository URL to detect vulnerabilities including tool poisoning, command injection, and data exfiltration. Maps results to OWASP Agentic and MCP Top 10.Apache 2.0
- Scans an API against OWASP API Security Top 10 rules (BOLA, broken authentication, etc.) using an OpenAPI 3.x spec and returns a findings report with remediation hints.MIT
- Map a regulatory requirement to its equivalents across frameworks such as EU AI Act, NIST AI RMF, and ISO 42001. See overlap strength and practitioner notes to reduce duplicate compliance work.Apache 2.0
Matching MCP Servers
- AlicenseAqualityAmaintenanceOWASP Agentic - MCP server providing AI-powered tools and automation by MEOK AI LabsLast updated5MIT
- Flicense-qualityCmaintenanceA WebSocket-based MCP server for OWASP ZAP security scanning, enabling real-time control and monitoring of security assessments.Last updated15
Matching MCP Connectors
AI-security knowledge as MCP: standards-mapped tools (OWASP, NIST, MITRE) for AI agents.
Scan GitHub-hosted AI skills for vulnerabilities: prompt injection, malware, OWASP LLM Top 10.
- Search across indexed offline security knowledge bases from HackTricks, OWASP, and more. Retrieve ranked matches with source and snippet to ground answers in real documentation.MIT
- Generate a security findings report by aggregating taint analysis results and mapping them to a compliance framework such as OWASP, CWE, PCI DSS, or STIG.MIT
- Find current best practices and documentation for any topic, from web development to security, using authoritative references.Elastic 2.0
- Scan SKILL.md packages and agent tool definitions for security vulnerabilities including tool poisoning, command injection, data exfiltration, and prompt injection. Maps findings to OWASP Agentic and MCP Top 10.Apache 2.0
- Analyze code snippets for OWASP Top 10 security vulnerabilities including XSS and SQL injection. Specify language and optional framework for targeted scanning.Apache 2.0
- Scan inbound content for security threats like prompt injection, jailbreaks, and PII exposure before processing. Returns block, allow, or redact decisions with audit logs to protect AI agents.Apache 2.0
- Check a tool's name and description for poisoning by analyzing signature verification, description hash, and trust source.MIT
- Create a new NotebookLM notebook by uploading sources like URLs, text, or files programmatically. Returns the notebook URL for immediate use.MIT
- Retrieve OWASP cheat sheets by name or list all available cheat sheets to find best practices for common security issues.MIT
- Scan project files to detect OWASP Top-10 security vulnerabilities like SQL injection and XSS using pattern matching. Returns actionable findings in JSON.MIT
- Search across OWASP data sources including ASVS, WSTG, Top 10, and Cheat Sheets to locate security recommendations.MIT
- Assess your MCP server deployment against OWASP MCP Top 10 security risks. Describe your setup to receive vulnerability analysis and compliance guidance.MIT
- Track untrusted data flow from sources like HTTP params to dangerous sinks like SQL queries. Reports unsanitized flows with CWE IDs and fix suggestions for data-flow security analysis.MIT
- Evaluate cross-context data exposure risks for an agent by checking context isolation, session boundaries, PII detection, output sanitization, memory sharing, logging, and third-party data sharing.MIT