security-agent-mcp-server
An AWS Labs Model Context Protocol (MCP) server for **AWS Security Agent** — automated security scanning and penetration testing.
Discovery Score
53/100
9,187 stars
1,554 forks
The Open Source Drop Lens
This official AWS Labs server links any MCP client to the AWS Security Agent service, exposing automated vulnerability scanning and penetration testing to your AI assistant. The useful operations: scan source code for vulnerabilities with suggested fixes, run live pen tests against a target domain, and reach the full SecurityAgent API.
Setup is moderate. It provisions IAM roles and an S3 bucket and needs configured AWS credentials, Python 3.10 or newer, and uv. The connector itself is free; AWS Security Agent usage bills through your AWS account. AWS Labs maintains it, so it is official and tracks the service directly.
Verdict: if you already run security scanning in AWS and want it driven from your AI tooling, install it. If you are not on AWS, the service dependency makes this a skip.
Cost Breakdown
**Free:** The MCP server itself is open source under Apache 2.0.
**The real cost:** AWS Security Agent is a billed AWS service. The connector is free; the scanning and pen-testing usage runs through your AWS account.
**Setup:** Moderate. It provisions IAM roles and an S3 bucket and needs configured AWS credentials.
Free and open source. The underlying service may have its own costs.
Get tools like this every Wednesday
One featured tool, three on the radar. No fluff.