71
/ 100
6 days ago
glama

va-pentest-mcp

A Model Context Protocol server for automated security vulnerability assessment, combining OWASP Dependency-Check dependency scanning with custom code vulnerability detection, and generating detailed HTML and JSON reports.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configDEPENDENCY_CHECK_ENABLED
configDEPENDENCY_CHECK_PATH/path/to/dependency-check/bin/dependency-check
configDEPENDENCY_CHECK_DB_DIR./tools/dependency-check-db
configCODE_SCANNER_ENABLED
configSCAN_FOR_SECRETS
configSCAN_FOR_SQL_INJECTION
configSCAN_FOR_COMMAND_INJECTION
configSCAN_FOR_UNSAFE_OPERATIONS
configGENERATE_HTML_REPORT
configGENERATE_JSON_REPORT
configLOG_LEVEL
configLOG_FILE./logs/va-pentest-mcp.log
configPYTHONPATHD:\mcp\va-pentest-mcp\src
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 2 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/banhongit7-va-pentest-mcp-uhxq9h)](https://m8ven.ai/mcp/banhongit7-va-pentest-mcp-uhxq9h)
commit: bd62dfbd98c50bb471ad8c18a6e957f60f645357
code hash: 8cf0343e9a0798a6b44ee78abb0bc595b13775f446e30509e30a952fdb615f62
verified: 6/26/2026, 9:36:45 AM
view raw JSON →