MCP.so
Sign In
E

Eleion Scanner Mcp

@hernaninverso

About Eleion Scanner Mcp

Eleion security scanner for AI agents: register/verify your domains,

Basic information

Category

Other

Transports

stdio

Publisher

hernaninverso

Submitted by

Hernán Inverso

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "eleion-scanner": {
      "command": "npx",
      "args": [
        "-y",
        "eleion-scanner-mcp"
      ],
      "env": {
        "SCANNER_API_KEY": "your_tenant_key"
      }
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Eleion Scanner Mcp?

Eleion Scanner Mcp is an MCP server that drives the Eleion security scanner from an AI agent. It lets you register your own domains, prove ownership, queue a security scan (headers, TLS, DNS, ports, tech-fingerprint, plus AI-specific checks), and retrieve findings with severity, CVE, title, and priority. It wraps the hosted Eleion Scanner API at https://scanner-api.eleion.io.

How to use Eleion Scanner Mcp?

Configure it in your MCP client using npx -y eleion-scanner-mcp with the environment variable SCANNER_API_KEY set to your tenant key (obtained from https://scan.eleion.io). Use the provided tools: scanner_register_target to register a domain, scanner_verify_target to prove ownership, scanner_start_scan to queue a scan, scanner_get_scan_status to poll progress, and scanner_get_findings to list results. You can only scan domains you have registered and verified.

Key features of Eleion Scanner Mcp

  • Register your own domain for scanning
  • Verify ownership via DNS TXT or well-known record
  • Queue scans with Basic, Full, or Deep profiles
  • Poll scan status until completion
  • Retrieve findings with severity, CVE, and priority
  • AI-specific security checks alongside standard tests

Use cases of Eleion Scanner Mcp

  • Automate security scanning of your owned domains
  • Integrate vulnerability discovery into AI agent workflows
  • Continuously monitor domain security posture (headers, TLS, DNS)
  • Fetch and act on findings (CVEs, misconfigurations) programmatically
  • Perform deep scans on domains after ownership verification

FAQ from Eleion Scanner Mcp

Can I scan any arbitrary website?

No. You can only scan domains you have registered and verified ownership of via DNS TXT or well-known record. This is a security measure to prevent abuse.

What runtime dependencies are required?

The server runs via npx (Node.js). You need a SCANNER_API_KEY environment variable set to a valid tenant key from https://scan.eleion.io.

Where does my data get processed and stored?

Your registered domains, scan results, and findings are processed and stored by the hosted Eleion Scanner API (https://scanner-api.eleion.io). The MCP server itself only passes commands and responses.

How do I handle long-running scans?

Large scans take time. Poll scanner_get_scan_status until the status shows completed, then use scanner_get_findings to retrieve results.

What transport and authentication does the server use?

The MCP server communicates with the Eleion Scanner API over HTTPS. Authentication is via the SCANNER_API_KEY provided in the environment configuration.

Comments

More Other MCP servers