Best Sec AI Skills & MCP Servers

Agentic CVE remediation platform for Node.js. Correlates threat intelligence, applies policy-governed fixes, and delivers auditable remediation outcomes across CI/CD pipelines, agent workflows, and service portfolios.

Powerpipe MCP server to run benchmarks, detections and controls using AI.

An ntfy MCP server for sending ntfy notifications to your self-hosted ntfy server from AI Agents 📤 (supports secure token auth & more - use with npx or docker!)

Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w

Scaffold a Tap v2 browser-automation plan in seconds. `npx create-tap-script <site>/<name>` generates a deterministic .plan.json that runs at zero LLM tokens in Claude Code, Cursor, and any MCP host.

CodeSlick CLI tool for pre-commit security scanning — 308 checks across JS, TS, Python, Java, Go

Multi-language code quality auditor with MCP server - Analyze TypeScript, JavaScript, and Go code for SOLID principles, DRY violations, security patterns, and more

MCP server providing security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows

Multi-account orchestration and secure token storage for OAuth-based MCP servers

MCP server for APIMesh — 76 x402-payable tools for AI agents (74 APIs + wallet usage + spend caps). Covers web vitals, security headers, SEO audits, email security and verification, tech-stack detection, brand assets, redirect chains, indexability, brand

Local MCP credential broker for coding agents (Claude Code, Codex, Gemini, and any other MCP-stdio client). Values never enter the AI transcript — the agent requests secrets through a schema, a localhost form lets you type them, and they land in Vault, .e

Security scanner for AI agent packages — CLI + MCP server

APIValidator Model Context Protocol (MCP) server for local validation, OpenAPI security auditing, and premium global telephone/IBAN verification.

MCP server for AI assistants: read, write, edit, and manage files securely on local filesystem.

GitHub security posture audit tools for AI agents — organization, repository, Actions, secrets, supply chain analysis via MCP

MCP server with 323 cybersecurity prompts and 7 scenario workflows. Drops into Claude Desktop, Claude Code, Cursor, and other MCP-compatible clients.

Drive any Electron app from your AI. MCP server with 93 tools, 4 recipe packages (Slack/Discord/Notion/Linear), security primitives, and a CLI mirror. The testing surface area Tauri structurally cannot match.

MCP server for security scanning — structured Trivy, Semgrep, and Gitleaks findings for AI agents

Open-source security scanner for Model Context Protocol (MCP) servers. Audits Claude Desktop, VS Code, Cursor, Windsurf, and 16+ AI tools for secrets, prompt injection, supply-chain risks, and 17+ security checks.

MCP server for Section 8 Fair Market Rent (FMR) lookups — ZIP code search, state/county browsing, historical trends, and HUD glossary

Official TypeScript client & CLI for the Willi-Mako API v2 – OpenAI-compatible chat completions, streaming chat, EDIFACT analysis, market communication & ETL automation for German energy sector

Search Wikipedia articles, read summaries and full text, target sections, find nearby pages, and list language editions via MCP. STDIO or Streamable HTTP.

VibeSecurity — Auditoria de segurança para quem cria com IA. Secrets, vulnerabilidades e rotas sem auth.

Security co-pilot for AI agents. Scan for vulnerabilities, verify governance, audit MCP servers, and generate compliance reports — all from Claude, Cursor, or any MCP client.