
Middlebrick
@middleBrick
About Middlebrick
Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"middlebrick": {
"command": "npx",
"args": [
"-y",
"@middlebrick/mcp-server"
],
"env": {
"MIDDLEBRICK_API_KEY": "mb_your_key_here"
}
}
}
}Tools
3Scan an API endpoint for security vulnerabilities
Get results of a previous scan
List previous scans
Overview
What is Middlebrick?
Middlebrick is an MCP server that integrates with middleBrick API security scanning. It lets AI assistants like Claude and Cursor scan APIs for vulnerabilities via tool calls.
How to use Middlebrick?
Install by configuring the MCP client with the command npx -y @middlebrick/mcp-server and setting the MIDDLEBRICK_API_KEY environment variable. Invoke the tools scan_api, get_scan, and list_scans from the AI assistant.
Key features of Middlebrick
- Scan an API endpoint for security vulnerabilities
- Retrieve results of a previous scan
- List all previous scans with filtering
- Configure via environment variables
- Works with Claude Desktop and Cursor
Use cases of Middlebrick
- AI-assisted security auditing of API endpoints
- Automated vulnerability scanning during development
- Retrieving and reviewing past scan results in chat
FAQ from Middlebrick
How do I get a Middlebrick API key?
Get your API key at middlebrick.com/dashboard.
What tools does Middlebrick provide?
Three tools: scan_api (scan an endpoint), get_scan (get a scan’s results), and list_scans (list previous scans).
What parameters does scan_api require?
The url parameter (string) is required; method (string, default GET) is optional.
Can I override the API base URL?
Yes, set the MIDDLEBRICK_BASE_URL environment variable (optional).
What scan statuses can I filter with list_scans?
You can filter by queued, processing, completed, or failed.
More Developer Tools MCP servers
test
cloudwegoThe ultimate LLM/AI application development framework in Go.
MCP Framework
QuantGeekDevThe Typescript MCP Framework
MCP-Scan: An MCP Security Scanner
invariantlabs-aiSecurity scanner for AI agents, MCP servers and agent skills.
Golf
golf-mcpProduction-Ready MCP Server Framework • Build, deploy & scale secure AI agent infrastructure • Includes Auth, Observability, Debugger, Telemetry & Runtime • Run real-world MCPs powering AI Agents
sentry-mcp
getsentryAn MCP server for interacting with Sentry via LLMs.
Comments