io.github.Skyrxin

sast-mcp-server

SAST MCP Server

11-scanner SAST/DAST MCP server with closed-loop remediation, SBOM/SARIF, and CI integrations

stdiocommunityapplication

Package Details

sast-mcp-server

0.8.1https://pypi.org/project/sast-mcp-server
Transportstdio
Runtimeuvx

Environment Variables

SAST_MCP_TIMEOUT
Default:300

Per-scan timeout in seconds (default: 300).

SAST_MCP_LOG_LEVEL
Default:INFO

Logging level: DEBUG, INFO, WARNING, ERROR (default: INFO).

SAST_MCP_API_KEY
Secret

Optional static API key to require auth (legacy mode; HTTP transports).

SAST_MCP_JWT_SECRET
Secret

Optional HMAC secret to require JWT auth with scopes (HTTP transports).