Enterprise DNA
M MCP Servers Developer low

Skyrxin/sast-mcp-server

by Various

[](https://glama.ai/mcp/servers/Skyrxin/sast-mcp-server) 🐍 🏠 🍎 πŸͺŸ 🐧 - SAST/DAST server exposing 11 security scanners (Bandit, Semgrep, Trivy, CodeQL, Checkov, Gitleaks, OSV-Sca

S

MCP

Skyrxin/sast-mcp-server

Added 18 June 2026

Overview

A Python-based MCP server that exposes 11 static and dynamic application security testing scanners through a unified interface. It integrates tools like Bandit, Semgrep, Trivy, CodeQL, Checkov, Gitleaks, and OSV-Scanner to automate security analysis.

Best for

Best for
Developers who want to experiment with MCP-based security scanning across multiple tools

Use cases

  • Run multiple SAST/DAST scanners from a single MCP endpoint
  • Automate security scanning in CI/CD pipelines
  • Aggregate findings from diverse security tools for triage

Notes

A Python-based MCP server that exposes 11 static and dynamic application security testing scanners through a unified interface. It integrates tools like Bandit, Semgrep, Trivy, CodeQL, Checkov, Gitleaks, and OSV-Scanner to automate security analysis.

1 stars on GitHub. Last updated 2026-06-17. Licensed MIT.

Use cases

  • Run multiple SAST/DAST scanners from a single MCP endpoint
  • Automate security scanning in CI/CD pipelines
  • Aggregate findings from diverse security tools for triage

Pros

  • Unifies 11 popular security scanners under one protocol
  • Reduces integration effort for multi-scanner workflows
  • Open source with Python codebase for easy customization

Cons

  • Very early stage with only 1 GitHub star
  • Limited documentation and community support
  • Dependency on external scanners may cause version conflicts

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.

Pros

  • Unifies 11 popular security scanners under one protocol
  • Reduces integration effort for multi-scanner workflows
  • Open source with Python codebase for easy customization

Cons

  • Very early stage with only 1 GitHub star
  • Limited documentation and community support
  • Dependency on external scanners may cause version conflicts
Free 27-page guide

Get the free Developer’s Field Guide

A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.

Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.

No spam. Unsubscribe any time.

Running a business, not writing the code? See the MCP servers picked for operators, and get your first one wired up with us.

Operator picks