Package Exports

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (security-mcp) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

security-mcp -- Your AI's Built-In Security Expert

Stop shipping vulnerable code. security-mcp gives your AI assistant the knowledge of a Senior Security Engineer who actively finds and fixes security issues in your code -- not just lists them.

Works with Claude Code, GitHub Copilot, Cursor, Codex, Replit, and any MCP-compatible editor.

Who Is This For?

You don't need a security background to use this. It's built for:

Vibe coders building fast and shipping faster -- who need security to just work
Indie hackers and solo founders who can't afford a dedicated security team
Full-stack developers who know their code works but aren't sure if it's safe
Startups and small teams shipping web apps, mobile apps, APIs, and SaaS products
AI-assisted developers using Claude Code, Copilot, Cursor, or Codex to write code
Anyone who's ever shipped code and wondered "wait, is this secure?"

You write the code. Your AI + security-mcp enforces the security.

What It Fortifies

security-mcp actively hardens every surface of your software:

Surface	What Gets Fortified
Web Apps	XSS, CSRF, injection attacks, insecure headers, authentication flaws, session bugs
APIs (REST, GraphQL, gRPC)	Auth gaps, IDOR, rate limiting, input validation, CORS misconfigs, SSRF
Mobile Apps (iOS + Android)	Insecure storage, certificate pinning, network security, reverse engineering exposure
Cloud Infrastructure (AWS, GCP, Azure)	Open firewall rules, public buckets, wildcard IAM, missing encryption, exposed metadata
AI / LLMs	Prompt injection, jailbreaks, RAG access control, output validation, data leakage
Code and Dependencies	Hardcoded secrets, vulnerable packages, supply chain risks, insecure crypto
CI/CD Pipelines	Secrets in logs, overprivileged deploy credentials, unvalidated artifacts

Quick Start

npx security-mcp install

That's it. The tool auto-detects your editor and writes the MCP config. Restart your editor -- done.

To target a specific editor:

npx security-mcp install --claude-code
npx security-mcp install --cursor
npx security-mcp install --vscode

Preview without writing anything:

npx security-mcp install --dry-run

In Claude Code, activate the security engineer:

/senior-security-engineer

Your AI will now find and fix security issues instead of just mentioning them.

How It Works

When you invoke /senior-security-engineer or call any security-mcp MCP tool, your AI shifts into the role of a Senior Security Engineer. It will:

Scan your code for vulnerabilities, misconfigurations, and security anti-patterns
Fix what it finds -- not just flag it; it rewrites the insecure code with the secure version
Enforce policies -- set up input validation, auth middleware, security headers, and rate limiting
Block dangerous patterns -- refuse to implement code that introduces known vulnerabilities
Explain everything in plain English -- no security jargon required

MCP Tools (Your AI Uses These Automatically)

Tool	What It Does
`security.get_system_prompt`	Loads the full security directive into your AI session -- activates the Senior Security Engineer mode
`security.threat_model`	Generates a complete threat model for any feature before a single line of code is written
`security.checklist`	Returns a hardened pre-ship checklist specific to your surface (web, API, mobile, AI, cloud)
`security.generate_policy`	Writes a `security-policy.json` for your project that the gate enforces on every PR
`security.run_pr_gate`	Scans your current code diff and blocks merge if it introduces CRITICAL or HIGH vulnerabilities
`repo.read_file`	Reads files from your workspace for analysis
`repo.search`	Searches your codebase for vulnerable patterns

Security Gate (Blocks Bad Code from Shipping)

npx security-mcp ci:pr-gate

Add this to your CI pipeline. It scans every PR and blocks the merge if it finds:

Hardcoded secrets or credentials
Known vulnerable dependencies (CRITICAL/HIGH CVEs)
Dangerous IaC patterns (open firewall rules, world-readable storage, wildcard IAM)
Auth gaps, SSRF, CSRF exposure
AI/LLM output that isn't properly bounded or validated

What Gets Fixed Automatically

When your AI has security-mcp active, it will fix these automatically -- not just warn about them:

Secrets and Authentication

Moves hardcoded secrets to environment variables / secret managers
Implements proper JWT validation (signature, expiry, issuer, audience)
Adds rate limiting and account lockout to auth endpoints
Enforces MFA requirements and session timeout policies
Implements Argon2id password hashing (not MD5, not SHA-1)

Input Validation and Injection

Adds server-side schema validation (Zod / Yup) to every API route
Blocks SQL injection, XSS, command injection, path traversal, SSRF
Sanitizes file uploads (validates magic bytes, strips filenames, scans for malware)
Normalizes and validates all user inputs with allowlist rules

Network and Cloud

Removes 0.0.0.0/0 ingress rules and replaces with source-restricted rules
Locks down S3/GCS/Azure Blob buckets that are world-readable
Removes wildcard IAM permissions and replaces with least-privilege policies
Enforces TLS 1.3 and rejects weak cipher suites

Web Security

Sets mandatory security headers (CSP, HSTS, X-Frame-Options, Permissions-Policy)
Removes inline JavaScript; enforces nonce-based CSP
Fixes CORS configurations that allow * on authenticated endpoints
Adds CSRF protection to all state-mutating endpoints

AI / LLM Security

Separates user content from system prompts (prevents prompt injection)
Adds output schema validation so models can't return arbitrary dangerous content
Enforces access control on RAG document retrieval
Adds rate limiting specific to AI endpoints

Supported Editors

Editor	Install Command	Config Location
Claude Code	`npx security-mcp install --claude-code`	`~/.claude/settings.json`
Cursor (global)	`npx security-mcp install --cursor`	`~/.cursor/mcp.json`
Cursor (workspace)	`npx security-mcp install --cursor`	`.cursor/mcp.json`
VS Code	`npx security-mcp install --vscode`	User `settings.json`
GitHub Copilot	Manual config (see below)	`.vscode/settings.json`
Codex	Manual config (see below)	Editor config
Replit	Manual config (see below)	`.replit` config
Any MCP-compatible	`npx security-mcp config`	Paste into editor config

Security Frameworks Applied (Automatically)

You don't need to know what these are. They're the standards that the world's top security teams use. security-mcp applies all of them on your behalf:

OWASP Top 10 (Web + API) -- the most common attack patterns
OWASP ASVS Level 2/3 -- application security verification
OWASP MASVS -- mobile app security
OWASP Top 10 for LLMs -- AI-specific vulnerabilities
MITRE ATT&CK Enterprise, Cloud, and Mobile -- real attacker playbooks
MITRE D3FEND -- defensive countermeasures mapped to every attack
MITRE ATLAS -- adversarial ML/AI attack techniques
NIST 800-53 Rev 5 -- the US government's security control catalog
NIST 800-207 -- Zero Trust Architecture
NIST AI RMF -- AI risk management
PCI DSS 4.0 -- payment card security (if you handle payments)
SOC 2 Type II -- cloud service security (if you serve enterprise customers)
ISO 27001:2022 -- international security management standard
GDPR / CCPA / HIPAA -- data privacy compliance
SLSA Level 3 -- supply chain security
CIS Benchmarks Level 2 -- hardened configurations for cloud and containers
CVSS v4.0 + EPSS -- vulnerability scoring and exploit probability

Manual Editor Configuration

Claude Code (`~/.claude/settings.json`)

{
  "mcpServers": {
    "security-mcp": {
      "command": "npx",
      "args": ["-y", "security-mcp", "serve"]
    }
  }
}

Cursor (`~/.cursor/mcp.json` or `.cursor/mcp.json`)

{
  "mcpServers": {
    "security-mcp": {
      "command": "npx",
      "args": ["-y", "security-mcp", "serve"]
    }
  }
}

VS Code / GitHub Copilot (`settings.json`)

{
  "mcp.servers": {
    "security-mcp": {
      "command": "npx",
      "args": ["-y", "security-mcp", "serve"]
    }
  }
}

Print the config snippet for any editor:

npx security-mcp config

Security Policy (CI/CD Gate)

Copy the default policy into your project:

cp node_modules/security-mcp/defaults/security-policy.json .mcp/policies/security-policy.json
cp node_modules/security-mcp/defaults/evidence-map.json .mcp/mappings/evidence-map.json

Or generate one tailored to your project:

Ask your AI: "Run security.generate_policy with surfaces=[web, api, ai] and cloud=aws"

Add the gate to GitHub Actions:

name: Security Gate

on:
  pull_request:
    branches: [main, master]

jobs:
  security-gate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Block insecure code from merging
        run: npx -y security-mcp ci:pr-gate
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

The 10 Rules That Are Never Broken

No matter what your AI is asked to do, these rules are enforced without exception:

No 0.0.0.0/0 firewall rules -- ever
All internal services talk over private VPC only (no public internet)
Secrets live in a secret manager only -- never in code, env files, or logs
TLS 1.3 for everything in transit -- 1.0 and 1.1 are blocked
Passwords hashed with Argon2id or bcrypt (cost 14+) -- no MD5, no SHA-1
Every API input validated server-side with a schema -- no exceptions
No inline JavaScript -- CSP nonce-based only
Admin interfaces require FIDO2/WebAuthn passkey -- not just a password
Threat model written before building any auth, payment, or AI feature
Zero Trust: every request authenticated and authorized regardless of origin

Contributing

See CONTRIBUTING.md.

Responsible Disclosure

See SECURITY.md.

License

MIT - security-mcp contributors

security-mcp