MCP.so
登录

Middlebrick

@middleBrick

关于 Middlebrick

Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.

基本信息

分类

开发工具

传输方式

stdio

发布者

middleBrick

提交者

Isaac [{v}p]

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "middlebrick": {
      "command": "npx",
      "args": [
        "-y",
        "@middlebrick/mcp-server"
      ],
      "env": {
        "MIDDLEBRICK_API_KEY": "mb_your_key_here"
      }
    }
  }
}

工具

3

Scan an API endpoint for security vulnerabilities

Get results of a previous scan

List previous scans

概览

What is Middlebrick?

Middlebrick is an MCP server that integrates with middleBrick API security scanning. It lets AI assistants like Claude and Cursor scan APIs for vulnerabilities via tool calls.

How to use Middlebrick?

Install by configuring the MCP client with the command npx -y @middlebrick/mcp-server and setting the MIDDLEBRICK_API_KEY environment variable. Invoke the tools scan_api, get_scan, and list_scans from the AI assistant.

Key features of Middlebrick

  • Scan an API endpoint for security vulnerabilities
  • Retrieve results of a previous scan
  • List all previous scans with filtering
  • Configure via environment variables
  • Works with Claude Desktop and Cursor

Use cases of Middlebrick

  • AI-assisted security auditing of API endpoints
  • Automated vulnerability scanning during development
  • Retrieving and reviewing past scan results in chat

FAQ from Middlebrick

How do I get a Middlebrick API key?

Get your API key at middlebrick.com/dashboard.

What tools does Middlebrick provide?

Three tools: scan_api (scan an endpoint), get_scan (get a scan’s results), and list_scans (list previous scans).

What parameters does scan_api require?

The url parameter (string) is required; method (string, default GET) is optional.

Can I override the API base URL?

Yes, set the MIDDLEBRICK_BASE_URL environment variable (optional).

What scan statuses can I filter with list_scans?

You can filter by queued, processing, completed, or failed.

评论

开发工具 分类下的更多 MCP 服务器