Best Security AI Skills & MCP Servers

MergeGuide policy checking MCP server for Claude Code

45 specialized judges that evaluate AI-generated code for security, cost, and quality.

Lightweight dependency vulnerability audit tool with CLI and MCP Server support

Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1700+ vulnerability rules with AST & taint analysis, LLM-powered semantic code review, auto-fix. For Claude Code, Cursor, Windsu

CLI and MCP servers for Cutline, including SlopBurn: a product quality engineering roguelike RPG for vibecoding workflows.

Browser-based IDE + AI agent orchestration CLI. Run Claude Code in parallel across git worktrees, auto-approve safe tools with the Security Bouncer, and control long-running AI work from any device at app.mstro.app.

MCP server + live dashboard for AI code governance — OWASP LLM Top 10 (10/10), real-time MCP App UI, 25+ security patterns, Bayesian learning Brain, hallucinated import detection, multi-agent governance. Works with Claude, Cursor, VS Code, ChatGPT, Goose,

Steampipe MCP server to query cloud infrastructure, SaaS, code and more with SQL using AI.

CLI and MCP servers for Cutline, including SlopBurn: a product quality engineering roguelike RPG for vibecoding workflows.

OSINT intelligence MCP server — Shodan, VirusTotal, SecurityTrails, Censys, DNS, WHOIS, crt.sh, Wayback, BGP

Agentic CVE remediation platform for Node.js. Correlates threat intelligence, applies policy-governed fixes, and delivers auditable remediation outcomes across CI/CD pipelines, agent workflows, and service portfolios.

MCP server enabling AI assistants to securely execute SSH commands, transfer files via SFTP, manage port forwarding, and use parameterized command templates with comprehensive security controls

Powerpipe MCP server to run benchmarks, detections and controls using AI.

MCP server that injects structured professional domain expertise into AI agents — decision frameworks, compliance workflows, and practitioner knowledge for accounting, legal, medical, Islamic finance, cybersecurity, and 19 more domains

CodeSlick CLI tool for pre-commit security scanning — 308 checks across JS, TS, Python, Java, Go

Multi-language code quality auditor with MCP server - Analyze TypeScript, JavaScript, and Go code for SOLID principles, DRY violations, security patterns, and more

MCP server providing security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows

MCP server for APIMesh — 76 x402-payable tools for AI agents (74 APIs + wallet usage + spend caps). Covers web vitals, security headers, SEO audits, email security and verification, tech-stack detection, brand assets, redirect chains, indexability, brand

Trust-score any AI skill or MCP server from inside Claude Code, Cursor, or any MCP client. Accepts GitHub repos, npm packages, Smithery URLs, and OpenClaw skills. 15 signals (incl. OSV/KEV/EPSS vulnerability intelligence), safety scanning, OpenClaw frontm

Security scanner for AI agent packages — CLI + MCP server

GitHub security posture audit tools for AI agents — organization, repository, Actions, secrets, supply chain analysis via MCP

MCP server with 323 cybersecurity prompts and 7 scenario workflows. Drops into Claude Desktop, Claude Code, Cursor, and other MCP-compatible clients.

Hardened, self-hosted Excalidraw MCP server with SQLite persistence, multi-tenancy, auto-sync, security middleware, and 369 tests

Drive any Electron app from your AI. MCP server with 93 tools, 4 recipe packages (Slack/Discord/Notion/Linear), security primitives, and a CLI mirror. The testing surface area Tauri structurally cannot match.