Wraps OWASP ZAP's API with 45 tools that let Claude drive vulnerability scanning end to end. You get spider crawling, active and passive scanning, alert retrieval, and HTML/JSON/XML report generation. It includes Docker Compose management that auto-provisions a ZAP container with API keys and persistent volumes for scan data. The context and authentication tools handle multi-user scenarios, letting you configure form-based or JSON-based auth and run scans as specific users. Reach for this when you want an AI agent to orchestrate security testing workflows instead of clicking through ZAP's UI or writing Python scripts against the raw API.
claude mcp add --transport stdio io.github.pierre3-zap-mcp uvx zap-mcp