# middleBrick | API-Security

Scan any API for OWASP Top 10 vulnerabilities and get a security risk score. Covers authentication, authorization (BOLA/BFLA), injection, data exposure, rate limiting, GraphQL, and LLM security.

## Quick Start

```bash
# Connect this server (installs CLI if needed)
npx -y @smithery/cli@latest mcp add middlebrick/api-security

# Browse available tools
npx -y @smithery/cli@latest tool list middlebrick/api-security

# Get full schema for a tool
npx -y @smithery/cli@latest tool get middlebrick/api-security scan_api

# Call a tool
npx -y @smithery/cli@latest tool call middlebrick/api-security scan_api '{}'
```

## Direct MCP Connection

Endpoint: `https://api-security--middlebrick.run.tools`

## Tools (3)

- `scan_api` — Scan an API endpoint for security vulnerabilities and get a risk score
- `get_scan` — Get results of a previous middleBrick scan by its ID
- `list_scans` — List previous middleBrick API security scans

```bash
# Get full input/output schema for a tool
npx -y @smithery/cli@latest tool get middlebrick/api-security <tool-name>
```