Security scanning for websites, public repositories, and Open CLAW skills.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"cyberlens": {
"args": [
"-y",
"@shadoprizm/cyberlens-mcp-server"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Security scanning for AI assistants and agentic coding workflows.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@shadoprizm/cyberlens-mcp-server' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @shadoprizm/cyberlens-mcp-server against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Model Context Protocol for WinDBG
Security scanner for GitHub repos, Agent Skills, Plugins, and MCP servers. 18 scanners. Zero dependencies.
MCP Security Weekly
Get CVE alerts and security updates for io.github.shadoprizm/cyberlens-mcp-server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Security scanning for AI assistants and agentic coding workflows.
A Model Context Protocol (MCP) server that gives AI assistants the ability to scan websites, public repositories, and Open CLAW skills for security vulnerabilities. It's purpose-built for the agentic coding era, with native support for scanning skill packages before you install them.
When connected to an AI assistant (Claude Desktop, VS Code, etc.), this MCP server adds security scanning tools that the assistant can use during your conversation:
You: "I want to install this skill: https://clawhub.ai/skills/ontology"
Claude: I'll scan it for security issues first.
[PASS] CLAW Skill Security Scan: ontology v1.0.4
Security Score: 95/100
Files Analyzed: 5
Skill appears safe to install. Minor issues noted below.
1. [MEDIUM] File write operation
File: scripts/ontology.py:399
Fix: Ensure file writes are limited to expected directories.
The skill looks safe. It writes to the filesystem for its knowledge
graph storage, which is expected behaviour for this type of skill.
After the first npm release, the recommended install path is:
npx -y @shadoprizm/cyberlens-mcp-server
Before that, or for local development and manual builds:
git clone https://github.com/shadoprizm/cyberlens-mcp-server.git
cd cyberlens-mcp-server
npm install
npm run build
Claude Desktop -- add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
{
"mcpServers": {
"cyberlens": {
"command": "npx",
"args": ["-y", "@shadoprizm/cyberlens-mcp-server"]
}
}
}
If you are running from a source checkout instead of npm:
{
"mcpServers": {
"cyberlens": {
"command": "node",
"args": ["/absolute/path/to/cyberlens-mcp-server/dist/index.js"]
}
}
}
Claude Code -- add to your MCP settings or project configuration.
VS Code (Copilot/Continue) -- configure per your extension's MCP server settings.
Website tools work immediately without an account in local quick mode. That local mode covers roughly 15 core checks and returns results right away.
Connecting an account upgrades website scans to the full CyberLens cloud path with 70+ checks, scan history, and AI analysis. Repository and account-only tools still connect through the browser flow when needed.
When a repository or account-only tool needs an account, the MCP server:
cyberlensai.com to sign up or log in~/.cyberlens/mcp/config.json