Sentinel MCP Server

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.
1

Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal
pip install .
2

Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the built server.

Run in terminal
claude mcp add sentinel-mcp -- python3 "<FULL_PATH_TO_SCURITY_MCP_SERVER>/dist/index.js"

Replace <FULL_PATH_TO_SCURITY_MCP_SERVER>/dist/index.js with the actual folder you prepared in step 1.

README.md

Enterprise-grade security server for automated vulnerability scanning

Sentinel MCP Server

Sentinel is a robust, enterprise-grade Security MCP (Model Context Protocol) Server designed for reliability, compliance, and easy integration with IDEs like VS Code and Antigravity.

πŸ›‘οΈ Features

  • Robust Execution: Automatic retries for Docker commands, graceful timeout handling, and custom error reporting.
  • Compliance Ready: Built-in support for CIS Benchmark scanning via Trivy.
  • Structured Logging: All logs are output in JSON format for easy parsing and monitoring.
  • Dockerized Tools: Runs all security tools in isolated Docker containersβ€”no local tool installation required.

🧰 Included Tools

Tool Function Docker Image
Semgrep SAST (Static Analysis) returntocorp/semgrep (Rules: OWASP Top 10, CWE Top 25, Security Audit)
Trivy SCA & Compliance aquasec/trivy
Grype SCA (Vulnerability Scanning) anchore/grype
Gitleaks Secret Scanning zricethezav/gitleaks
OWASP ZAP DAST (Web Scanning) owasp/zap2docker-stable
ClamAV Malware Scanning clamav/clamav
Schemathesis API Fuzzing schemathesis/schemathesis:stable
EOL Scanner Runtime/Framework EOL Checks Built-in (endoflife.date API)
Crypto Scanner SSL/TLS Compliance drwetter/testssl.sh
AI Threat Modeler STRIDE Analysis Built-in (LLM Powered + Code Context + Mermaid DFD)

πŸš€ Getting Started

Prerequisites

  • Docker: Must be installed and running.
  • Python: Version 3.13 or higher.

Installation

  1. Clone the repository (if applicable) or navigate to the project directory:

    cd sentinel-mcp-server

  2. Create a virtual environment:

    python3 -m venv .venv
source .venv/bin/activate

  3. Install dependencies:

    pip install .

Running the Server

To start the MCP server manually (for testing):

mcp run python src/sentinel/server.py

Manual Scanning (CLI)

You can also scan any project directory directly from the terminal using the included utility script:

# Scan a specific project directory
python3 scan_project.py /path/to/your/project

# Run only specific scans (e.g., secrets)
python3 scan_project.py /path/to/your/project --type secrets

πŸ’» IDE Configuration

VS Code

To use Sentinel with the MCP Servers extension in VS Code, add the following to your MCP settings file (typically ~/Library/Application Support/Code/User/globalStorage/mcp-servers.json):

{
  "mcpServers": {
    "sentinel": {
      "command": "/Users/pranjalsharma/Documents/SourceCode/appsec/sentinel-mcp-server/.venv/bin/python3",
      "args": [
        "/Users/pranjalsharma/Documents/SourceCode/appsec/sentinel-mcp-server/src/sentinel/server.py"
      ],
      "env": {
        "SENTINEL_LOG_LEVEL": "INFO"
      }
    }
  }
}

Replace /ABSOLUTE/PATH/TO/... with the actual full path to your project directory.

βš™οΈ Configuration

You can configure Sentinel using environment variables:

Variable Description Default
SENTINEL_LOG_LEVEL Logging level (DEBUG, INFO, WARN, ERROR) INFO
SENTINEL_DOCKER_TIMEOUT Timeout for Docker commands in seconds 600
SENTINEL_SEMGREP_IMAGE Custom Docker image for Semgrep returntocorp/semgrep
SENTINEL_TRIVY_IMAGE Custom Docker image for Trivy aquasec/trivy
SENTINEL_GRYPE_IMAGE Custom Docker image for Grype anchore/grype
SENTINEL_TESTSSL_IMAGE Custom Docker image for testssl.sh drwetter/testssl.sh
SENTINEL_SCHEMATHESIS_IMAGE Custom Docker image for Schemathesis schemathesis/schemathesis:stable
SENTINEL_LLM_API_KEY API Key for AI Threat Modeling (e.g., OpenAI) None (Falls back to heuristic)
SENTINEL_LLM_MODEL LLM Model to use gpt-4o

πŸ—οΈ Project Structure

src/sentinel/
β”œβ”€β”€ core/           # Core logic (logging, exceptions, config)
β”œβ”€β”€ services/       # Business logic (scanners, compliance)
β”œβ”€β”€ tools/          # Tool execution (Docker runner)
└── server.py       # Main MCP entry point

Tools (8)

SemgrepPerforms static analysis (SAST) for security audits and vulnerability detection.
TrivyPerforms SCA and compliance scanning including CIS Benchmarks.
GrypePerforms vulnerability scanning for software components.
GitleaksScans for hardcoded secrets and sensitive information.
OWASP ZAPPerforms DAST web application security scanning.
ClamAVPerforms malware scanning on project files.
SchemathesisPerforms API fuzzing for robustness testing.
AI Threat ModelerGenerates STRIDE analysis using LLMs and code context.

Environment Variables

SENTINEL_LOG_LEVELLogging level (DEBUG, INFO, WARN, ERROR)
SENTINEL_DOCKER_TIMEOUTTimeout for Docker commands in seconds
SENTINEL_LLM_API_KEYAPI Key for AI Threat Modeling
SENTINEL_LLM_MODELLLM Model to use for threat modeling

Configuration

claude_desktop_config.json
{"mcpServers": {"sentinel": {"command": "python3", "args": ["/path/to/sentinel-mcp-server/src/sentinel/server.py"], "env": {"SENTINEL_LOG_LEVEL": "INFO"}}}}

Try it

β†’Run a Semgrep scan on my current project directory to check for OWASP Top 10 vulnerabilities.
β†’Scan my repository for any accidentally committed secrets using Gitleaks.
β†’Perform a compliance check on my project using Trivy to ensure it meets CIS Benchmarks.
β†’Generate a threat model for my current application architecture using the AI Threat Modeler.
β†’Run a malware scan on the project directory using ClamAV.

Frequently Asked Questions

What are the key features of Sentinel MCP Server?

Automated vulnerability scanning using isolated Docker containers. Compliance-ready scanning including CIS Benchmarks via Trivy. AI-powered threat modeling with STRIDE analysis. Structured JSON logging for easy monitoring. Graceful timeout handling and automatic retries for security tools.

What can I use Sentinel MCP Server for?

Automating security audits in CI/CD pipelines via IDE integration. Performing rapid secret detection before pushing code to repositories. Conducting automated compliance checks for enterprise security standards. Generating architectural threat models during the design phase of development.

How do I install Sentinel MCP Server?

Install Sentinel MCP Server by running: pip install .

What MCP clients work with Sentinel MCP Server?

Sentinel MCP Server works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep Sentinel MCP Server docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.
Open Conare
View all monitoring servers β†’

Related MCP Servers

Skylos
Find dead code, secrets, and exploitable flows in Python, TypeScript, and Go.
monitoring344 stars
Linux MCP Server
Read-only Linux system administration and diagnostics on RHEL-based systems.
monitoring189 stars
Charles MCP Server
Integrates Charles Proxy with MCP clients for real-time network traffic analysis
monitoring118 stars
HomeButler
All-in-one homelab management MCP server.
monitoring64 stars
Wireshark MCP
Give your AI assistant a packet analyzer.
monitoring55 stars
RenderDoc MCP
Analyze GPU frame captures for graphics debugging and performance analysis.
monitoring42 stars