io.github.andrasfe

vulnicheck

HTTP MCP Server for comprehensive Python vulnerability scanning and security analysis.

Streamable HTTPcommunityapplication

Package Details

andrasfe/vulnicheck

mainhttps://hub.docker.com/r/andrasfe/vulnicheck
TransportStreamable HTTP

Environment Variables

NVD_API_KEY(str)
Secret

API key for NIST National Vulnerability Database (increases rate limit from 5 to 50 requests per 30 seconds)

GITHUB_TOKEN(str)
Secret

GitHub token for Advisory Database access (increases rate limit to 5000 requests per hour)

OPENAI_API_KEY(str)
Secret

OpenAI API key for LLM-based risk assessment in MCP passthrough operations

ANTHROPIC_API_KEY(str)
Secret

Anthropic API key for LLM-based risk assessment (alternative to OpenAI)

MCP_PORT(num)

Port for MCP HTTP server (default: 3000)

CACHE_TTL(num)

Cache time-to-live in seconds for vulnerability data (default: 900)

VULNICHECK_HTTP_ONLY(str)

Enable HTTP-only mode with MCP client delegation (true/false, default: auto-detect)