CCM
/MCP
SkillsMCPMarketplacesDigestToolsAdvertise

This week in Claude

Every Monday: Claude Code, Agent SDK, MCP, and the Anthropic platform moves worth your time.

Skills by Category
Frontend DevelopmentBackend & APIsTesting & QASecurityDevOps & CI/CDGit & Pull RequestsDocumentationCode Review & QualityAI & Agent BuildingSkill Development
MCP Servers by Category
Sales & MarketingWeb & Browser AutomationDatabasesAI & LLM ToolsCloud & InfrastructureCommunication & MessagingDeveloper ToolsDesign & CreativeDocuments & KnowledgeSearch & Web Crawling
Marketplaces by Category
AI Agents & OrchestrationLLM IntegrationDevelopment ToolsFrontend & UIBackend & APIsDatabasesTesting & Code QualityDevOps & CloudSecurity & ComplianceGit & Version Control

Claude Code Marketplaces

Discover Claude Code plugins, extensions, and tools. Automatically updated directory of Anthropic Claude AI marketplaces with development tools, productivity plugins, and integrations.

Resources

  • Browse Skills
  • Browse MCP Servers
  • Browse Marketplaces
  • Plugins Reference

Community

  • About
  • Tools
  • Feedback
  • Privacy Policy
  • Advertise

Built for the Claude Code community with Claude Code by @mertduzgun

Independent project, not affiliated with Anthropic

Contract Security Scanner

mastrophot/near-mcp-contract-security
STDIOregistry active
Summary

Brings smart contract security scanning into Claude with heuristic analysis for Solidity, Rust, and TypeScript contracts. Exposes three tools: scan_contract checks for reentrancy, integer overflow, access control flaws, front-running vectors, and oracle manipulation risks, returning a vulnerability list with severity ratings and line numbers. compare_security_models and audit_checklist generate language-specific security guidance. The scanner includes NEAR-specific context, scoring contracts against NEAR's security model and providing cross-chain migration recommendations. Install globally via npm and point Claude Desktop at the mcp-contract-security command. Useful when reviewing contract code during development or audits, especially if you're evaluating patterns across EVM and NEAR ecosystems.

CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →

mcp-contract-security

MCP server for smart contract security scanning.

Implements the required tools:

  • scan_contract
  • compare_security_models
  • audit_checklist

Supports languages:

  • solidity
  • rust
  • typescript

What it checks

scan_contract currently detects heuristic patterns for:

  • Reentrancy
  • Integer overflow/underflow risk
  • Access control issues
  • Front-running exposure
  • Oracle manipulation risk

The output includes:

  • vulnerability list with severity/type/line
  • security_score
  • near_equivalent_score
  • NEAR-specific security notes and recommendation

Install

npm install -g mcp-contract-security

Published package:

  • npm: https://www.npmjs.com/package/mcp-contract-security
  • MCP Registry: https://registry.modelcontextprotocol.io/v0/servers/io.github.mastrophot%2Fcontract-security-scanner/versions/0.1.1

MCP config (Claude Desktop)

{
  "mcpServers": {
    "contract-security": {
      "command": "mcp-contract-security"
    }
  }
}

Tool usage

scan_contract

Input:

{
  "code": "contract source code here",
  "language": "solidity"
}

compare_security_models

Input (optional):

{
  "language": "solidity"
}

audit_checklist

Input (optional):

{
  "language": "rust"
}

Local development

npm install
npm run check

Deliverable assets

Additional publish assets are prepared in deliverables/:

  • deliverables/mcp-registry-submission.md
  • deliverables/security-subreddit-posts.md
  • deliverables/blog-why-near-contracts-safer.md
  • server.json (MCP Registry metadata, schema-validated)

License

MIT

Featured
CodeRabbit
CodeRabbit
AI writes the code. CodeRabbit catches the slop.
Try For Free →
AppSignal
AppSignal
Monitor with ease. Code with confidence.
Start Free Trial →
AI notepad for back-to-back meetings
AI notepad for back-to-back meetings
Notes, actions and memory. Without a meeting bot. First month 100% off.
Download for free →
Keep your Mac awake
Keep your Mac awake
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Email for Agents: Free tier availableEmail for Agents: Free tier available
Email for Agents: Free tier available
Give your AI agent a complete email layer—sending, inbound inboxes, and sandbox testing.
Get 4K emails/month free →
Context.devContext.dev
Context.dev
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
CodeScene MCP ServerCodeScene MCP Server
CodeScene MCP Server
Your agent targets a perfect 10 Code Health score. Deterministic. Every commit.
Try For Free →
Make your agent a DeFi expert
Make your agent a DeFi expert
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
Categories
Security & Pentesting
Registryactive
Packagemcp-contract-security
TransportSTDIO
UpdatedMar 16, 2026
View on GitHub

Related Security & Pentesting MCP Servers

View all →
Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

com.exploit-intel/eip-mcp

Real-time CVE, exploit, and vulnerability intelligence for AI assistants (350K+ CVEs, 115K+ PoCs)
Semgrep

semgrep/mcp

A MCP server for using Semgrep to scan code for security vulnerabilities.
666
Pentest

dmontgomery40/pentest-mcp

NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.
137
Notebooklm Mcp Secure

pantheon-security/notebooklm-mcp-secure

Security-hardened NotebookLM MCP with post-quantum encryption
68
Pentest Mcp Server

cyanheads/pentest-mcp-server

Offline methodology engine for authorized penetration testing, CTF, and security research.
1
AI Firewall MCP

io.github.akhilucky/ai-firewall-mcp

Multi-agent LLM security layer detecting prompt injection and jailbreaks.