I craft unique cereal names, stories, and ridiculously cute Cereal Baby images.

Cursor-MCP-Trivy
Ein Modellkontext -Protokollserver (MCP), der über eine standardisierte Schnittstelle trivy Sicherheits -Scan -Funktionen bietet.
3 years
Works with Finder
1
Github Watches
1
Github Forks
6
Github Stars
Trivy Security Scanner MCP Server
A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface.
⚠️ Note: This is a proof of concept project to demonstrate the integration capabilities between MCP, Cursor IDE, and Trivy. It's intended for experimentation and learning purposes only and is not production-ready. Use at your own risk.
Features
- 🔍 Project Scanning: Automatically scan your project directory for security vulnerabilities using Trivy
- 🛠️ Automated Fixes: Automatically update vulnerable dependencies to secure versions
- 📦 Multi-Package Support: Handles multiple package managers (Python, Node.js, Ruby, Go)
Demo
Architecture
┌─────────────┐ ┌──────────────┐ ┌─────────────┐
│ Cursor IDE │ --> │ MCP Server │ --> │ Trivy │
│ (Composer) │ │ │ │ │
└─────────────┘ └──────────────┘ └─────────────┘
Prerequisites
- Python 3.12 or higher
- Trivy installed on your system:
# macOS brew install trivy
Installation
# Create and activate virtual environment
python -m venv .venv
source .venv/bin/activate
# Install dependencies
pip install -r requirements.txt
Usage
Start the server using SSE transport:
# Using SSE transport (default)
python server.py --transport sse --port 54321
The server exposes two tools:
-
scan_project
: Scans a directory for security vulnerabilities- Required argument:
workspace
- The directory path to scan
- Required argument:
-
fix_vulnerability
: Updates a vulnerable package to a secure version- Required arguments:
-
workspace
- The directory to modify -
pkg_name
- Name of the package to update -
target_version
- Version to update to
-
- Required arguments:
Using with Cursor IDE
-
Start the server with SSE transport:
python server.py --transport sse --port 54321
-
Configure in Cursor:
- Open Settings
- Go to Features > MCP Servers
- Add:
http://127.0.0.1:54321/sse
-
Add the following to your .cursorrules file, create it if you don't have one yet:
After making changes in any of the package dependency/manifest files, scan the project for security vulnerabilities. Fixes should only be according to the desired version reported by the scanner. If the scanner reports a fix unrelated to our change, ignore it. After performing the fix, scan the project for security vulnerabilities again.
This configuration will:
- Automatically trigger a security scan when any dependency file is modified
- Help identify vulnerabilities as soon as new dependencies are added
- Ensure your project stays secure throughout development
if you want to use the tool manually, you can use prompt the agent to use the tool with the following prompt through the composer interface:
Please scan my project for security vulnerabilities
Why MCP?
MCP (Model Context Protocol) exists to solve a fundamental problem in working with large language models (LLMs): how to efficiently and consistently connect these models to external data sources and tools.
Learn more at modelcontextprotocol.io.
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
MIT License
Acknowledgments
相关推荐
Confidential guide on numerology and astrology, based of GG33 Public information
Converts Figma frames into front-end code for various mobile frameworks.
Oede knorrepot die vasthoudt an de goeie ouwe tied van 't boerenleven
A world class elite tech co-founder entrepreneur, expert in software development, entrepreneurship, marketing, coaching style leadership and aligned with ambition for excellence, global market penetration and worldy perspectives.
Advanced software engineer GPT that excels through nailing the basics.
A medical specialist offering assistance grounded in clinical guidelines. Disclaimer: This is intended for research and is NOT safe for clinical use!
Entdecken Sie die umfassendste und aktuellste Sammlung von MCP-Servern auf dem Markt. Dieses Repository dient als zentraler Hub und bietet einen umfangreichen Katalog von Open-Source- und Proprietary MCP-Servern mit Funktionen, Dokumentationslinks und Mitwirkenden.
Ein einheitliches API-Gateway zur Integration mehrerer Ethercan-ähnlicher Blockchain-Explorer-APIs mit Modellkontextprotokoll (MCP) für AI-Assistenten.
Mirror ofhttps: //github.com/suhail-ak-s/mcp-typense-server
本项目是一个钉钉 MCP (Message Connector Protocol )服务 , 提供了与钉钉企业应用交互的 api 接口。项目基于 Go 语言开发 , 支持员工信息查询和消息发送等功能。
Reviews

user_YyD7vNvP
As a devoted user of MCP Server (Language Server Protocol), I've found it to be an indispensable tool for streamlining my development workflow. Created by Meeneshsolanki, this server is both robust and efficient, providing exceptional support across multiple languages. Its seamless integration and comprehensive documentation elevate the coding experience. Highly recommended for developers seeking a reliable Language Server Protocol!