CCM
/MCP
SkillsMCPMarketplacesDigestToolsAdvertise

This week in Claude

Every Monday: Claude Code, Agent SDK, MCP, and the Anthropic platform moves worth your time.

Skills by Category
Frontend DevelopmentBackend & APIsTesting & QASecurityDevOps & CI/CDGit & Pull RequestsDocumentationCode Review & QualityAI & Agent BuildingSkill Development
MCP Servers by Category
Sales & MarketingWeb & Browser AutomationDatabasesAI & LLM ToolsCloud & InfrastructureCommunication & MessagingDeveloper ToolsDesign & CreativeDocuments & KnowledgeSearch & Web Crawling
Marketplaces by Category
AI Agents & OrchestrationLLM IntegrationDevelopment ToolsFrontend & UIBackend & APIsDatabasesTesting & Code QualityDevOps & CloudSecurity & ComplianceGit & Version Control

Claude Code Marketplaces

Discover Claude Code plugins, extensions, and tools. Automatically updated directory of Anthropic Claude AI marketplaces with development tools, productivity plugins, and integrations.

Resources

  • Browse Skills
  • Browse MCP Servers
  • Browse Marketplaces
  • Plugins Reference

Community

  • About
  • Tools
  • Feedback
  • Privacy Policy
  • Advertise

Built for the Claude Code community with Claude Code by @mertduzgun

Independent project, not affiliated with Anthropic

Security Auditor

eren-solutions/mcp-security-audit
HTTP
Summary

Connects to the Eren Security Auditor API to run AI-powered vulnerability scans on GitHub repositories. Exposes four tools: security_scan kicks off a full audit (1-10 minutes), audit_status checks progress, audit_list shows recent scans, and audit_stats aggregates findings across runs. Results include OWASP Top 10 and CWE classifications with risk scores and remediation guidance. Runs in stdio mode for Claude Desktop or HTTP for remote clients. Free tier gives you one scan per day, then it returns a 402 payment required response with USDC wallet instructions if you need more. Reach for this when you want security feedback on a codebase without running static analysis tools locally.

CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →
CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →

Eren Security Auditor — MCP Server

AI-powered code security auditor exposed via the Model Context Protocol (MCP). Scans GitHub repositories for vulnerabilities using LLM-powered analysis and returns structured findings with OWASP Top 10 and CWE references.

Tools

ToolDescription
security_scanRun a full security audit on a GitHub repository (1-10 min)
audit_statusCheck the status of a running or completed audit
audit_listList recent security audits with summary info
audit_statsGet aggregate statistics (total audits, findings, risk scores)

Quick Start

Streamable HTTP (remote clients, MCP directories)

pip install mcp
AUDIT_ENDPOINT=https://your-api-host AUDIT_API_KEY=your-key python server.py --transport streamable-http --port 8200

Server runs at http://localhost:8200/mcp.

stdio (Claude Desktop, local MCP clients)

pip install mcp
AUDIT_ENDPOINT=https://your-api-host AUDIT_API_KEY=your-key python server.py --transport stdio

Claude Desktop Configuration

Add to ~/.claude/settings.json:

{
  "mcpServers": {
    "security-audit": {
      "command": "python",
      "args": ["path/to/server.py", "--transport", "stdio"],
      "env": {
        "AUDIT_ENDPOINT": "https://your-api-host",
        "AUDIT_API_KEY": "your-key"
      }
    }
  }
}

Docker

docker build -t mcp-security-audit .
docker run -p 8200:8200 -e AUDIT_ENDPOINT=https://your-api-host -e AUDIT_API_KEY=your-key mcp-security-audit

Environment Variables

VariableDefaultDescription
AUDIT_ENDPOINT(required)Audit API base URL
AUDIT_API_KEY(required)API key for authentication
PORT8200HTTP server port
HOST0.0.0.0HTTP bind address
SCAN_FREE_TIER1Free scans per day per client
SCAN_PRICE_USD0.25Price in USD for paid scan (x402 payload)
SCAN_WALLET_ADDRESS(empty)USDC/Base wallet address for payment instructions
MCP_BILLING_DB/opt/mcp-audit/billing.dbSQLite path for rate limit + API key data
MCP_BILLING_ENABLEDtrueSet to false to disable billing entirely

Access Tiers

Free tier: SCAN_FREE_TIER scans/day per session (default: 1). No key needed.

Paid tier: Unlimited scans. Pass an API key as the api_key parameter or in the X-API-Key header. Keys are generated after BTC payment confirmation.

Payment required (x402): When the free tier is exhausted and no valid API key is provided, security_scan returns a JSON payload with HTTP 402 semantics:

{
  "error": "payment_required",
  "http_status": 402,
  "message": "Free tier exhausted (1 scan/day). Add X-API-Key header with a paid key, or pay $0.25 USDC to scan.",
  "free_tier": { "scans_per_day": 1, "resets": "00:00 UTC" },
  "payment": {
    "price": "0.25",
    "currency": "USDC",
    "network": "base",
    "address": "YOUR_WALLET_ADDRESS",
    "message": "Pay $0.25 USDC on Base to https://eren-solutions.com/audit/pay"
  }
}

Example Usage

Once connected via an MCP client:

> Use security_scan to audit https://github.com/juice-shop/juice-shop

Scanning juice-shop/juice-shop (master branch)...
Found 47 findings across 200 files.

Risk Score: 72/100

Critical: 3 | High: 8 | Medium: 15 | Low: 12 | Info: 9

Top findings:
- [CRITICAL] SQL Injection in /routes/search.ts (CWE-89)
- [CRITICAL] Insecure JWT Secret (CWE-798)
- [HIGH] XSS via DOM manipulation in /frontend/src/... (CWE-79)

How It Works

MCP Client → MCP Server (this repo) → Audit API → Clone repo → LLM scan → Findings

The server proxies tool calls to the Eren Security Auditor API, which:

  1. Clones the target repository
  2. Scans source files using LLM-powered analysis
  3. Categorizes findings by OWASP Top 10 and CWE
  4. Generates risk scores and remediation guidance

License

MIT

Featured
CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →
Categories
Developer ToolsSecurity & Pentesting
TransportHTTP
UpdatedMar 14, 2026
View on GitHub

Related Developer Tools MCP Servers

View all →
Git Mcp Server

ray0907/git-mcp-server

MCP server for GitLab and GitHub
Git Mcp Server

cyanheads/git-mcp-server

Comprehensive Git MCP server enabling native git tools including clone, commit, worktree, & more.
221
Atlassian Dc Mcp Bitbucket

io.github.b1ff/atlassian-dc-mcp-bitbucket

MCP server for Atlassian Bitbucket Data Center - interact with repositories and code
77
Atlassian Dc Mcp Jira

io.github.b1ff/atlassian-dc-mcp-jira

MCP server for Atlassian Jira Data Center - search, view, and create issues
77
Atlassian Jira

com.mcparmory/atlassian-jira

Create, search, and manage issues, projects, and team workflows
25
Vscode Terminal Mcp

sirlordt/vscode-terminal-mcp

Execute commands in visible VSCode terminal tabs with output capture and session reuse.
1