Skip to content
/ vulnicheck Public

Python vulnerability scanner & MCP security toolkit. Real-time dependency checking via OSV/NVD/GitHub Advisory DBs, Docker analysis, secrets detection, MCP config validation, LLM-powered risk assessment & interactive security audits. Full CVE details, CVSS scores & remediation guidance.

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

andrasfe/vulnicheck

BranchesTags

Repository files navigation

VulniCheck - AI-Powered Security Scanner

VulniCheck provides comprehensive security analysis for Python projects and GitHub repositories using AI-powered vulnerability detection.

Quick Start

Installation for Claude Code

[!CAUTION] MCP servers can execute code on your system. Only install MCP servers from trusted sources after reviewing their code and understanding the permissions they require.

The simplest way to get started is to ask claude: Hey Claude, follow instructions at https://raw.githubusercontent.com/andrasfe/vulnicheck/refs/heads/main/CLAUDE_INSTALL.md to install this MCP server.

Usage

Once installed, simply ask Claude Code:

"Run a comprehensive security check on my project"

"Run a comprehensive security check on https://github.com/owner/repo"

"Check this directory for security vulnerabilities"

VulniCheck will:

  • ✅ Scan dependencies for known vulnerabilities
  • ✅ Detect exposed secrets and credentials
  • ✅ Analyze Dockerfiles for security issues
  • ✅ Validate MCP configurations
  • ✅ Generate AI-powered risk assessments
  • ✅ Provide actionable remediation recommendations

Key Features

  • Comprehensive Coverage: Queries 5+ vulnerability databases (OSV.dev, NVD, GitHub Advisory, CIRCL, Safety DB)
  • GitHub Integration: Scan any public/private GitHub repository directly
  • AI-Powered Analysis: Uses OpenAI/Anthropic APIs for intelligent security assessment
  • Secrets Detection: Finds exposed API keys, passwords, and credentials
  • Docker Security: Analyzes Dockerfiles for vulnerable dependencies
  • Smart Caching: Avoids redundant scans with commit-level caching
  • Zero Config: Works out of the box, enhanced with optional API keys

Requirements

  • Python 3.10+
  • Claude Code or compatible MCP client

Known Limitations & TODO

  • setup.py files: Currently not supported for dependency scanning. The scanner only supports requirements.txt, pyproject.toml, and lock files. Projects using setup.py for dependency management will need to generate a requirements.txt file or migrate to pyproject.toml.

Support

DISCLAIMER: Vulnerability data provided "AS IS" without warranty. Users responsible for verification. See DETAILS.md for full disclaimer.

About

Python vulnerability scanner & MCP security toolkit. Real-time dependency checking via OSV/NVD/GitHub Advisory DBs, Docker analysis, secrets detection, MCP config validation, LLM-powered risk assessment & interactive security audits. Full CVE details, CVSS scores & remediation guidance.

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy