概览
What is Apviso MCP?
Apviso MCP is a Model Context Protocol server that connects AI coding assistants (Claude Code, Cursor, Windsurf, Codex) to the APVISO AI-powered penetration testing platform. It enables developers to register targets, launch scans, view findings, and manage security testing directly from their IDE.
How to use Apviso MCP?
Obtain an API key from your APVISO dashboard, then configure the server using Claude Code (claude mcp add) or by editing .mcp.json / ~/.claude.json with the required APVISO_API_KEY environment variable. The server runs via npx -y @apviso/mcp as a stdio transport.
Key features of Apviso MCP
- Manage targets (register, verify, delete)
- Launch penetration tests and monitor scan status
- List and update vulnerability findings
- Retrieve full pentest reports in markdown
- Configure recurring scan schedules (Business/Enterprise plans)
- Check account quota and billing period
Use cases of Apviso MCP
- Register a new domain and verify ownership before scanning
- Start a penetration test on a target and track its progress
- Review and triage discovered vulnerabilities directly from your assistant
- Set up automated recurring security scans for continuous testing
- Integrate security testing into development workflows without changing tools
FAQ from Apviso MCP
What transport does Apviso MCP use?
The server uses the stdio transport.
What environment variable is required?
APVISO_API_KEY is required; it must be an API key starting with apvk_.
How can I verify the server is running?
Inside Claude Code, run /mcp to check the server status.
Is it possible to use a different API URL?
Yes, set the optional APVISO_API_URL environment variable; it defaults to https://apviso.com/api.
Can I run Apviso MCP without Claude Code?
Yes, you can configure it in any MCP-compatible client by setting the command and environment variables as shown in the manual config section.