Skip to content
AbrahamOO edited this page Jun 18, 2026 · 2 revisions

security-mcp

security-mcp is an autonomous application-security engineering platform that runs as a local Model Context Protocol (MCP) server. It plugs into the editor or CI you already use, reads your code, and does the work a security team would do: it threat-models, scans, finds real vulnerabilities, writes the fix, enforces policy gates, and produces signed, audit-ready attestations.

It is built for everyone from a solo builder shipping a side project to enterprise platform and security teams who need continuous, defensible coverage across web, API, infrastructure, mobile, cloud, and AI/LLM systems. You do not need a security background to use it.

Version 1.3.2. MIT licensed. Requires Node >= 20.

Install

npx -y security-mcp@latest install

The installer auto-detects Claude Code, Cursor, VS Code / Copilot, and Windsurf, and wires the MCP server into the right config file. It works with Codex, Replit, and any MCP-capable editor.

The two entry points

Everything starts from one of two commands inside your editor.

  • /senior-security-engineer is the daily driver: a single autonomous engineer that fortifies the code in front of you. Its mandate is 90% fixing and 10% advisory. It picks a scope (recent changes, full codebase, or specific files), runs strategy then the gate then inline fixes, and emits a SHA-256 attested report. See Senior Security Engineer.
  • /ciso-orchestrator is the heavy program: a multi-agent security organization with 9 leads, 30 sub-agents, and runtime ghost and coverage agents, backed by a 91-skill registry. It runs parallel discovery, then adversarial pentest and compliance, then synthesis and attestation, covering every section of the methodology. Reach for it before major releases, audits, or funding events. See CISO Orchestrator.

Both entry points share the same foundation: a deterministic gate engine, a 998-rule cloud controls engine, a model-agnostic provider router, a learning engine, and a tamper-evident attestation chain.

Quick orientation

flowchart LR
  Dev[Editor or CI] --> MCP[security-mcp server]
  MCP --> SSE[/senior-security-engineer/]
  MCP --> CISO[/ciso-orchestrator/]
  SSE --> Gate[Gate engine]
  CISO --> Gate
  Gate --> Out[.mcp artifacts<br/>reviews, attestations, baselines]
Loading

The server runs on your machine. Your source never leaves it. The only outbound calls are optional package, GitHub, and threat-intel lookups, and only when permitted; SECURITY_OFFLINE disables all of them. See Security and Hardening and the FAQ.

Table of contents

Page What it covers
Architecture How the server, gate, orchestrator, and subsystems fit together, and what gets written to .mcp/
The Gate Engine The full deterministic pipeline, all check modules, scanners, and threat intel
Cloud Security Controls The 998-rule FSBP/CIS engine and Terraform auto-remediation
CISO Orchestrator The 39-agent program, the 91-skill registry, and the three phases
Senior Security Engineer The daily-driver single agent and its fix-first flow
MCP Tools Reference Every MCP tool and prompt, grouped with descriptions
Configuration and Policy Policy schema, exceptions, and signing
CI/CD Integration Running the gate in CI and pre-commit, plus HMAC integrity
Security and Hardening How the tool protects itself and your trust story
Environment Variables The complete grouped env var reference
Compliance and Frameworks The framework catalog and audit artifacts
Troubleshooting and FAQ Common issues and answers

Source and disclosure

Repository: github.com/AbrahamOO/security-mcp. Responsible disclosure runs through GitHub private vulnerability reporting; see SECURITY.md in the repo.

Clone this wiki locally