SAST
Integrates multiple Static Application Security Testing (SAST) tools with Claude Code AI, enabling automated security analysis and vulnerability scanning directly from an AI assistant.
Acerca de
This comprehensive server acts as a crucial bridge, connecting Claude Code AI with a diverse array of industry-standard Static Application Security Testing (SAST) tools. It empowers developers to conduct automated security analysis, vulnerability scanning, secret detection, and dependency checking directly through natural language commands within their AI assistant. By offering seamless integration, remote execution on a dedicated security VM, and automatic cross-platform path resolution, it facilitates comprehensive security insights and streamlined development workflows, especially for those working across different operating environments like Windows and Linux.
Características Principales
- Offers comprehensive security coverage for code analysis, secret detection, dependency scanning, and Infrastructure as Code (IaC) security
- Integrates with over 15 leading SAST tools including Semgrep, Bandit, and TruffleHog
- Seamless integration with Claude Code AI via the Model Context Protocol (MCP)
- Enables remote execution of security tools on a dedicated Linux VM (e.g., Kali Linux) from a Windows client
- 0 GitHub stars
- Provides automatic Windows ↔ Linux path mapping for cross-platform operation
Casos de Uso
- Analyze Infrastructure as Code (IaC) configurations for security vulnerabilities using Checkov or tfsec
- Perform multi-language security audits using tools like Semgrep with OWASP Top 10 rules directly from Claude Code AI
- Scan project repositories for leaked secrets with tools like TruffleHog or Gitleaks
