Riskscore
@ItIsCuthNotCup
About Riskscore
Security awareness for AI agents — so your agent knows what's dangerous before it acts. Powered by CVE, NVD, CISA KEV, and OSV.dev vulnerability data with 196 credential detection rules, returning allow/warn/block decisions in real time. Stop your agent from running vulnerable de
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"riskscore": {
"command": "python",
"args": [
"mcp/server.py"
],
"env": {
"RISKSCORE_API_KEY": "your_key_here",
"RISKSCORE_BASE_URL": "https://riskscore2.p.rapidapi.com"
}
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Riskscore?
Riskscore provides security awareness for AI agents by checking actions against vulnerability data from CVE, NVD, CISA KEV, and OSV.dev, along with 196 credential detection rules. It returns allow, warn, or block decisions in real time, helping agents avoid running vulnerable dependencies, leaking secrets, or accidentally deleting files.
How to use Riskscore?
The README does not provide installation or configuration instructions. Invoke Riskscore to evaluate an agent’s intended action and receive an allow/warn/block decision based on current vulnerability and credential data.
Key features of Riskscore
- Real-time allow, warn, or block decisions.
- Powered by CVE, NVD, CISA KEV, and OSV.dev data.
- 196 credential detection rules for secret leakage.
- Focused on AI agent safety and proactive risk awareness.
Use cases of Riskscore
- Prevent an AI agent from executing a command that uses a known vulnerable dependency.
- Block an agent from accidentally committing or sending a detected credential or secret.
- Warn an agent before it attempts to delete critical filesystem paths.
- Scan agent actions against the latest CISA Known Exploited Vulnerabilities catalog.
FAQ from Riskscore
What vulnerability sources does Riskscore use?
Riskscore uses data from CVE, NVD, CISA KEV, and OSV.dev.
How does Riskscore protect against secrets?
It includes 196 credential detection rules to identify and block potential secret leakage.
What kind of decisions can Riskscore return?
Riskscore returns one of three decisions: allow, warn, or block.
Who is Riskscore designed for?
Riskscore is designed for AI agents and developers who want to embed security awareness directly into agent workflows.
Does Riskscore require any runtime dependencies?
The README does not list any specific runtime or dependency requirements.
More Developer Tools MCP servers
MCP-Scan: An MCP Security Scanner
invariantlabs-aiSecurity scanner for AI agents, MCP servers and agent skills.
sentry-mcp
getsentryAn MCP server for interacting with Sentry via LLMs.

Sentry
modelcontextprotocolModel Context Protocol Servers
test
prysmaticlabsGo implementation of Ethereum proof of stake
MCP Framework
QuantGeekDevThe Typescript MCP Framework
Comments