I craft unique cereal names, stories, and ridiculously cute Cereal Baby images.

mcp-snyk
Servidor MCP para escaneo de seguridad SNYK
1
Github Watches
6
Github Forks
6
Github Stars
Snyk MCP Server
A standalone Model Context Protocol server for Snyk security scanning functionality.
WARNING: THIS MCP SERVER IS CURRENTLY IN ALPHA AND IS NOT YET FINISHED!
Configuration
Update your Claude desktop config (claude-config.json
):
{
"mcpServers": {
"snyk": {
"command": "npx",
"args": [
"-y",
"github:sammcj/mcp-snyk"
],
"env": {
"SNYK_API_KEY": "your_snyk_token",
"SNYK_ORG_ID": "your_default_org_id" // Optional: Configure a default organisation ID
}
}
}
}
Replace the token with your actual Snyk API token. The organisation ID can be configured in multiple ways:
- In the MCP settings via
SNYK_ORG_ID
(as shown above) - Using the Snyk CLI:
snyk config set org=your-org-id
- Providing it directly in commands
The server will try these methods in order until it finds a valid organisation ID.
Verifying Configuration
You can verify your Snyk token is configured correctly by asking Claude to run the verify_token command:
Verify my Snyk token configuration
This will check if your token is valid and show your Snyk user information. If you have the Snyk CLI installed and configured, it will also show your CLI-configured organization ID.
Features
- Repository security scanning using GitHub/GitLab URLs
- Snyk project scanning
- Integration with Claude desktop
- Token verification
- Multiple organization ID configuration options
- Snyk CLI integration for organization ID lookup
Usage
To scan a repository, you must provide its GitHub or GitLab URL:
Scan repository https://github.com/owner/repo for security vulnerabilities
IMPORTANT: The scan_repository command requires the actual repository URL (e.g., https://github.com/owner/repo). Do not use local file paths - always use the repository's URL on GitHub or GitLab.
For Snyk projects:
Scan Snyk project project-id-here
Organization ID Configuration
The server will look for the organization ID in this order:
- Command argument (if provided)
- MCP settings environment variable (
SNYK_ORG_ID
) - Snyk CLI configuration (
snyk config get org
)
You only need to specify the organization ID in your command if you want to override the configured values:
Scan repository https://github.com/owner/repo in organisation org-id-here
Snyk CLI Integration
If you have the Snyk CLI installed (npm install -g snyk
), the server can use it to:
- Get your default organisation ID
- Fall back to CLI configuration when MCP settings are not provided
- Show CLI configuration details in token verification output
This integration makes it easier to use the same organisation ID across both CLI and MCP server usage.
相关推荐
Evaluator for marketplace product descriptions, checks for relevancy and keyword stuffing.
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Converts Figma frames into front-end code for various mobile frameworks.
Advanced software engineer GPT that excels through nailing the basics.
Take an adjectivised noun, and create images making it progressively more adjective!
Descubra la colección más completa y actualizada de servidores MCP en el mercado. Este repositorio sirve como un centro centralizado, que ofrece un extenso catálogo de servidores MCP de código abierto y propietarios, completos con características, enlaces de documentación y colaboradores.
Manipulación basada en Micrypthon I2C del expansor GPIO de la serie MCP, derivada de AdaFruit_MCP230xx
Espejo dehttps: //github.com/agentience/practices_mcp_server
Una puerta de enlace de API unificada para integrar múltiples API de explorador de blockchain similar a Esterscan con soporte de protocolo de contexto modelo (MCP) para asistentes de IA.
Reviews

user_r7ct4ACK
As a dedicated user of mcp, the integration of mcp-snyk by sammcj is a game-changer. It seamlessly enhances security by identifying vulnerabilities efficiently. The ease of use and the reliability of this tool make it an indispensable asset for developers wanting to ensure robust code security. Highly recommended for anyone serious about maintaining the integrity of their projects!