# SecurityScan

Scans GitHub repositories and skills for vulnerabilities like prompt injection, malware, and OWASP risks. Identifies security threats in external dependencies to ensure software health. Provides deta…

## Quick Start

```bash
# Connect this server (installs CLI if needed)
npx -y smithery mcp add securityscan-api/securityscan

# Browse available tools
npx -y smithery tool list securityscan-api/securityscan

# Get full schema for a tool
npx -y smithery tool get securityscan-api/securityscan scan_skill

# Call a tool
npx -y smithery tool call securityscan-api/securityscan scan_skill '{}'
```

## Direct MCP Connection

Endpoint: `https://securityscan--securityscan-api.run.tools`

**Required config:**
- `apiKey` (query) — SecurityScan API key. Register free at https://apisecurityscan.net/auth/register

## Tools (4)

- `scan_skill` — Scan a GitHub skill for vulnerabilities: prompt injection, malware, OWASP LLM Top 10.
- `get_report` — Retrieve a previous scan result by scan_id.
- `check_certification` — Check if a skill has a SecurityScan certification badge.
- `scan_deps` — Check external dependency health via DepScan.

```bash
# Get full input/output schema for a tool
npx -y smithery tool get securityscan-api/securityscan <tool-name>
```