Security Tools

Pre-tested Argus MCP backend configurations for security tools servers.

Code Analyzer (containerized — network isolated)

View on GitHub

Static code analysis using ruff and vulture. Runs in a fully network-isolated container — all analysis is local, no outbound connections.

name: "Code Analyzer (containerized — network isolated)"
description: "Static code analysis using ruff and vulture. Runs in a fully network-isolated container — all analysis is local, no outbound connections."

analyzer:
  type: stdio
  command: uvx
  args:
    - "mcp-server-analyzer"
  container:
    enabled: true
    network: none

Code Analyzer (subprocess)

View on GitHub

Static code analysis for Python using ruff and vulture. Identifies unused code, style violations, and potential bugs. Runs as a subprocess via uvx.

name: "Code Analyzer (subprocess)"
description: "Static code analysis for Python using ruff and vulture. Identifies unused code, style violations, and potential bugs. Runs as a subprocess via uvx."

analyzer:
  type: stdio
  command: uvx
  args:
    - "mcp-server-analyzer"

Shodan MCP Server (containerized)

View on GitHub

Search Shodan for internet-connected devices, open ports, and vulnerabilities. Runs in a container with outbound network access.

name: "Shodan MCP Server (containerized)"
description: "Search Shodan for internet-connected devices, open ports, and vulnerabilities. Runs in a container with outbound network access."
# Secrets: SHODAN_API_KEY — set with: argus-mcp secrets set SHODAN_API_KEY <your-shodan-api-key>
# Get key at: https://account.shodan.io — requires paid Shodan account for most queries

shodan-container:
  type: stdio
  command: npx
  args:
    - "-y"
    - "@burtthecoder/mcp-shodan"
  env:
    SHODAN_API_KEY: "${SHODAN_API_KEY}"
  container:
    enabled: true
    network: bridge

Shodan MCP Server

View on GitHub

Search Shodan for internet-connected devices, open ports, and vulnerabilities. Runs as a subprocess.

name: "Shodan MCP Server"
description: "Search Shodan for internet-connected devices, open ports, and vulnerabilities. Runs as a subprocess."
# Secrets: SHODAN_API_KEY — set with: argus-mcp secrets set SHODAN_API_KEY <your-shodan-api-key>
# Get key at: https://account.shodan.io — requires paid Shodan account for most queries

shodan:
  type: stdio
  command: npx
  args:
    - "-y"
    - "@burtthecoder/mcp-shodan"
  env:
    SHODAN_API_KEY: "${SHODAN_API_KEY}"

Snyk MCP Server (containerized)

View on GitHub

Scan code and dependencies for security vulnerabilities using Snyk. Runs in a container with outbound network access for Snyk API calls.

name: "Snyk MCP Server (containerized)"
description: "Scan code and dependencies for security vulnerabilities using Snyk. Runs in a container with outbound network access for Snyk API calls."

snyk:
  type: stdio
  command: npx
  args:
    - "-y"
    - "snyk@latest"
    - "mcp"
    - "-t"
    - "stdio"
  env:
    SNYK_TOKEN: "${SNYK_TOKEN}"
    SNYK_MCP_PROFILE: "experimental"
  container:
    enabled: true
    network: bridge

Snyk MCP Server (subprocess)

View on GitHub

Scan code and dependencies for security vulnerabilities using Snyk. Runs as a subprocess via npx. Requires a Snyk token.

name: "Snyk MCP Server (subprocess)"
description: "Scan code and dependencies for security vulnerabilities using Snyk. Runs as a subprocess via npx. Requires a Snyk token."

snyk:
  type: stdio
  command: npx
  args:
    - "-y"
    - "snyk@latest"
    - "mcp"
    - "-t"
    - "stdio"
  env:
    SNYK_TOKEN: "${SNYK_TOKEN}"
    SNYK_MCP_PROFILE: "experimental"

Want to add a configuration? See the contributing guide.