Config is the same across clients — only the file and path differ.
```json
{
  "mcpServers": {
    "agentaegis": {
      "env": {
        "NVD_API_KEY": "...",
        "OTX_API_KEY": "...",
        "HIBP_API_KEY": "...",
        "ABUSECH_API_KEY": "...",
        "ABUSEIPDB_API_KEY": "..."
      },
      "args": [
        "/path/to/agentaegis-mcp/dist/index.js"
      ],
      "command": "node"
    }
  }
}
```
Every cybersecurity service, callable by any AI agent, billed per use.
No known CVEs.
Checked cp against OSV.dev.
AgentAegis is an MCP server that lets AI agents perform cybersecurity operations on demand — from compliance checks to vulnerability scans to code security analysis. It wraps best-in-class open-source scanning engines (nmap, Nuclei, sslyze, Semgrep, trufflehog, trivy) in clean, agent-discoverable tool definitions with structured inputs and outputs.
Phase 2 ships: HTTP transport for remote deployment, x402 micropayments, API key auth with monthly limits, Supabase persistence, webhooks, ISO 27001 + HIPAA frameworks, Railway deploy config, and a full test suite.
```bash
git clone https://github.com/astafford8488/agentaegis-mcp.git
cd agentaegis-mcp
pnpm install
cp .env.example .env  # add API keys
pnpm build
```
Add to claude_desktop_config.json:
```json
{
  "mcpServers": {
    "agentaegis": {
      "command": "node",
      "args": ["/path/to/agentaegis-mcp/dist/index.js"],
      "env": {
        "NVD_API_KEY": "...",
        "ABUSEIPDB_API_KEY": "...",
        "OTX_API_KEY": "...",
        "ABUSECH_API_KEY": "...",
        "HIBP_API_KEY": "..."
      }
    }
  }
}
```
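An added example (not code from the AgentAegis project or from this page): a small Node.js check for the config above. It flags unfilled `...` placeholders, a missing key, an unresolved `/path/to/` script path, and a config file readable beyond its owner, since the file holds the API keys in plaintext. The function name `auditMcpConfig` and the sample input are constructed for illustration.

```javascript
// Env var names exactly as they appear in the config on this page.
const EXPECTED_KEYS = ["NVD_API_KEY", "ABUSEIPDB_API_KEY", "OTX_API_KEY",
  "ABUSECH_API_KEY", "HIBP_API_KEY"];

// Audits one server entry of an MCP client config (hypothetical helper).
// configText: raw JSON text of the config file.
// fileMode:   POSIX mode of that file, e.g. fs.statSync(p).mode.
// Returns a list of findings; an empty list means nothing was flagged.
function auditMcpConfig(configText, fileMode, serverName = "agentaegis") {
  const entry = JSON.parse(configText).mcpServers?.[serverName];
  if (!entry) return [`no mcpServers.${serverName} entry`];
  const findings = [];

  // The file stores API keys in plaintext, so only the owner should read it.
  const perms = fileMode & 0o777;
  if ((perms & 0o077) !== 0) {
    findings.push(`file mode ${perms.toString(8)} grants access beyond the owner`);
  }

  // The client spawns `command args...` with these keys in its environment;
  // a relative or unfilled script path leaves open which code receives them.
  const script = entry.args?.[0] ?? "";
  const absolute = script.startsWith("/") || /^[A-Za-z]:[\\/]/.test(script);
  if (!absolute || script.startsWith("/path/to/")) {
    findings.push(`args[0] is not a resolved absolute path: "${script}"`);
  }

  for (const key of EXPECTED_KEYS) {
    const value = entry.env?.[key];
    if (typeof value !== "string") findings.push(`${key} is missing`);
    else if (value.trim() === "" || value.trim() === "...") {
      findings.push(`${key} is still a placeholder`);
    }
  }
  return findings;
}

// Constructed sample: the page's config pasted as-is, minus HIBP_API_KEY,
// in a file with mode 0644 (readable by group and others).
const SAMPLE = JSON.stringify({ mcpServers: { agentaegis: {
  command: "node",
  args: ["/path/to/agentaegis-mcp/dist/index.js"],
  env: Object.fromEntries(EXPECTED_KEYS.slice(0, 4).map((k) => [k, "..."])),
} } });

console.log(auditMcpConfig(SAMPLE, 0o100644));
```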
```bash
# Local dev
pnpm dev:http

# Production via Docker
docker compose -f docker/docker-compose.yml up -d

# Production via Railway
railway up
```
Connect from any MCP-aware agent:
```http
POST https://your-host/mcp
Authorization: Bearer aegis_<your-api-key>
```
```
┌────────────────────────────────────────────────────────────┐
│            AI Agent (Claude, custom MCP client)            │
└────────────────┬───────────────────────┬───────────────────┘
                 │ stdio                 │ HTTP
                 │                       │
┌────────────────▼───────────┐  ┌────────▼───────────────────┐
│  stdio entry (index.ts)    │  │  HTTP entry (http-server)  │
└────────────────┬───────────┘  └────────┬───────────────────┘
                 │                       │
                 │      ┌────────────────┴─────────────┐
                 │      │  Auth Gate                   │
                 │      │  - API key (DB-backed)       │
                 │      │  - x402 micropayment         │
                 │      └─────────────┬────────────────┘
                 │                    │
┌────────────────▼────────────────────▼──────────────────────┐
│                   MCP Server (server.ts)                   │
│                      20 Tool Handlers                      │
├──────────────────────────┬─────────────────────────────────┤
│  Engine Wrappers         │  External APIs                  │
│  nmap, Nuclei, sslyze,   │  NVD, AbuseIPDB, AlienVault     │
│  Semgrep, trufflehog,    │  OTX + abuse.ch, HIBP, Shodan   │
│  trivy                   │                                 │
├──────────────────────────┴─────────────────────────────────┤
│  Sandbox │ Rate Limit │ Target Validation │ Logging        │
└─────────────────────────────┬──────────────────────────────┘
                              │
                    ┌─────────▼──────────┐
                    │  Supabase          │
                    │  - customers       │
                    │  - api_keys        │
                    │  - scan_jobs       │
                    │  - usage_log       │
                    │  - webhooks        │
                    └────────────────────┘
```
| Endpoint | Method | Auth | Description |
|---|---|---|---|
| /health | GET | None | Health check |
| /pricing | GET | None | Tool catalog with prices |
| /v1/customers | POST | None | Create customer account |
| /v1/customers/:id/api-keys | POST | None | Issue an API key |
| /v1/customers/:id/usage | GET | API key | Usa |