Best Security AI Skills & MCP Servers

Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1700+ vulnerability rules with AST & taint analysis, LLM-powered semantic code review, auto-fix. For Claude Code, Cursor, Windsu

Browser-based IDE + AI agent orchestration CLI. Run Claude Code in parallel across git worktrees, auto-approve safe tools with the Security Bouncer, and control long-running AI work from any device at app.mstro.app.

Steampipe MCP server to query cloud infrastructure, SaaS, code and more with SQL using AI.

MCP server + live dashboard for AI code governance — OWASP LLM Top 10 (10/10), real-time MCP App UI, 25+ security patterns, Bayesian learning Brain, hallucinated import detection, multi-agent governance. Works with Claude, Cursor, VS Code, ChatGPT, Goose,

Hardened, self-hosted Excalidraw MCP server with SQLite persistence, multi-tenancy, auto-sync, security middleware, and 369 tests

MCP server enabling AI assistants to securely execute SSH commands, transfer files via SFTP, manage port forwarding, and use parameterized command templates with comprehensive security controls

CLI and MCP servers for Cutline, including SlopBurn: a product quality engineering roguelike RPG for vibecoding workflows.

Powerpipe MCP server to run benchmarks, detections and controls using AI.

Agentic CVE remediation platform for Node.js. Correlates threat intelligence, applies policy-governed fixes, and delivers auditable remediation outcomes across CI/CD pipelines, agent workflows, and service portfolios.

CodeSlick CLI tool for pre-commit security scanning — 308 checks across JS, TS, Python, Java, Go

Multi-language code quality auditor with MCP server - Analyze TypeScript, JavaScript, and Go code for SOLID principles, DRY violations, security patterns, and more

MCP server that gives AI agents (Claude, Cursor, Copilot) deep understanding of your codebase patterns, conventions, and architecture. Query patterns, security boundaries, call graphs in real-time.

MCP server providing security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows

Drive any Electron app from your AI. MCP server with 93 tools, 4 recipe packages (Slack/Discord/Notion/Linear), security primitives, and a CLI mirror. The testing surface area Tauri structurally cannot match.

Security scanner for AI agent packages — CLI + MCP server

APIValidator Model Context Protocol (MCP) server for local validation, OpenAPI security auditing, and premium global telephone/IBAN verification.

MCP server for APIMesh — 76 x402-payable tools for AI agents (74 APIs + wallet usage + spend caps). Covers web vitals, security headers, SEO audits, email security and verification, tech-stack detection, brand assets, redirect chains, indexability, brand

GitHub security posture audit tools for AI agents — organization, repository, Actions, secrets, supply chain analysis via MCP

MCP server for security scanning — structured Trivy, Semgrep, and Gitleaks findings for AI agents

Security evals for the AI era. Probes · Targets · Graders · Proof. Confirmed XSS / SQLi / BOLA / prompt-injection / MCP-RCE with reproducible proof attached to every finding.

MCP server with 323 cybersecurity prompts and 7 scenario workflows. Drops into Claude Desktop, Claude Code, Cursor, and other MCP-compatible clients.

Open-source security scanner for Model Context Protocol (MCP) servers. Audits Claude Desktop, VS Code, Cursor, Windsurf, and 16+ AI tools for secrets, prompt injection, supply-chain risks, and 17+ security checks.

Security co-pilot for AI agents. Scan for vulnerabilities, verify governance, audit MCP servers, and generate compliance reports — all from Claude, Cursor, or any MCP client.

Lightweight dependency vulnerability audit tool with CLI and MCP Server support