6 #owasp MCP Servers & Clients
Every MCP server and client below is tagged #owasp — install one to give Claude, Cursor, VS Code, or any other MCP-compatible client access to owasp tools.
すべて
Mandatez Mcp
mandatez
MASSAT - Security Audit for AI Agent Systems
craigmbrown
Open-source security audit framework covering all 10 OWASP Agentic AI threat categories (ASI01-ASI10). Scan multi-agent systems for prompt injection, data exfiltration, broken access control, and 7 more categories. Returns risk scores (0-100) with remediation priorities. Free tie
GuardVibe — Security MCP for Vibe Coding
goklab
Security MCP server with 300+ rules for AI-generated code. Scans Next.js, Supabase, Clerk, Stripe, Prisma, Hono, GraphQL, and 20+ modules. Zero config, runs locally.
Compuute MCP Security Scanner
Compuute
Scan-as-a-Service for MCP servers — HTTP+MCP wrapper around compuute-scan
Middlebrick
middleBrick
Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.
MCP ZAP Server
dtkmn
A Spring Boot application exposing OWASP ZAP as an MCP (Model Context Protocol) server. It lets any MCP‑compatible AI agent (e.g., Claude Desktop, Cursor) orchestrate ZAP actions—spider, active scan, import OpenAPI specs, and generate reports.
Frequently asked questions
What is a #owasp MCP server?
- An MCP server tagged #owasp implements the Model Context Protocol so AI assistants like Claude, Cursor, and VS Code can access owasp-related tools, data, or APIs.
How many #owasp MCP servers and clients are there?
- mcp.so currently lists 6 MCP servers and clients tagged #owasp.
How do I install a #owasp MCP server?
- Open any server below and copy its install snippet into Claude Desktop, Cursor, VS Code, or another MCP client's configuration — remote servers need no separate download.