1.0.3 • Published 10 months ago

securitylens-mcp v1.0.3


SecurityLens MCP Server

A Model Context Protocol (MCP) server that provides security analysis capabilities for code files and GitHub repositories.

Features

  • 🔍 Local file scanning for security vulnerabilities
  • 📦 GitHub repository scanning (requires GitHub token)
  • 🚨 Detection of common security issues and bad practices
  • 📊 Detailed reports with severity levels and recommendations
  • 🔄 Real-time scanning with Claude AI integration

Setup

  1. Install the server:

    npm install -g securitylens-mcp

  2. Configure Claude Desktop:

    Add this to your Claude Desktop config (claude_desktop_config.json):

    {
      "mcpServers": {
        "securitylens": {
          "command": "securitylens-mcp",
          "args": [],
          "env": {
            "GITHUB_TOKEN": "your_github_token_here"
          }
        }
      }
    }

    💡 Note: The GitHub token is optional. Without it, you can still use all local file scanning features.
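An added example, not part of SecurityLens or this README: a Node.js check to run over the text of claude_desktop_config.json before restarting Claude Desktop. It flags a file that is not strict JSON (for instance one carrying a // comment), a leftover placeholder token, and a token-bearing file that other users can read; the function name, finding ids and sample inputs are assumptions made for the illustration.

```javascript
// Added example (not SecurityLens code): audit a claude_desktop_config.json
// entry for the "securitylens" server. Finding ids are hypothetical names.
function auditSecurityLensConfig(text, fileMode) {
  let config;
  try {
    config = JSON.parse(text); // strict JSON: a // comment is a syntax error
  } catch (err) {
    return [{ id: "invalid-json", detail: err.message }];
  }
  const entry = config && config.mcpServers && config.mcpServers.securitylens;
  if (!entry) {
    return [{ id: "missing-entry", detail: "no mcpServers.securitylens block" }];
  }
  const findings = [];
  if (entry.command !== "securitylens-mcp") {
    findings.push({ id: "unexpected-command", detail: String(entry.command) });
  }
  const token = entry.env && entry.env.GITHUB_TOKEN;
  if (token === undefined || token === "") {
    findings.push({ id: "no-token", detail: "local file scanning only" });
  } else if (token === "your_github_token_here") {
    findings.push({ id: "placeholder-token", detail: "replace or remove GITHUB_TOKEN" });
  } else if (typeof fileMode === "number" && (fileMode & 0o077) !== 0) {
    // The token sits in this file in plaintext; on POSIX systems pass
    // fs.statSync(path).mode so group/other access bits are flagged.
    findings.push({ id: "token-file-not-owner-only", detail: "chmod 600 the config" });
  }
  return findings;
}

// Constructed sample inputs (not real configs or tokens).
const sampleConfig = (token, suffix = "") => `{
  "mcpServers": {
    "securitylens": {
      "command": "securitylens-mcp",
      "args": [],
      "env": { "GITHUB_TOKEN": "${token}" }${suffix}
    }
  }
}`;
const COMMENTED = sampleConfig("constructed-token-value", " // optional");
const PLACEHOLDER = sampleConfig("your_github_token_here");
const WITH_TOKEN = sampleConfig("constructed-token-value");

console.log(auditSecurityLensConfig(COMMENTED));            // invalid-json
console.log(auditSecurityLensConfig(PLACEHOLDER));          // placeholder-token
console.log(auditSecurityLensConfig(WITH_TOKEN, 0o100644)); // token-file-not-owner-only
console.log(auditSecurityLensConfig(WITH_TOKEN, 0o100600)); // no findings
```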

GitHub Token Setup (Optional)

If you want to scan GitHub repositories:

  1. Create a GitHub personal access token:

    • Go to GitHub Settings → Developer Settings → Personal Access Tokens
    • Create a token with repo scope
    • Copy the token

  2. Add the token to your Claude Desktop config as shown above

  3. Restart Claude Desktop

Usage

In Claude Desktop, you can request either kind of scan with a prompt like the ones below:

Local File Scanning

Can you scan this code for security issues?
[paste your code here]

GitHub Repository Scanning (requires token)

Can you scan this GitHub repository for security issues?
https://github.com/username/repo

Security Considerations

  • The GitHub token should have the minimum permissions necessary (only repo scope); it is stored in plaintext in the Claude Desktop config, so restrict access to that file
  • Local file scanning is performed entirely on your machine
  • No code or scan results are sent to external servers
  • The server validates tokens on startup and reports clearly which features are available

License

MIT

1.0.3

10 months ago

1.0.2

10 months ago

1.0.1

10 months ago

1.0.0

10 months ago