Search

Integrate with security platforms like Splunk SIEM, CrowdStrike EDR, and Microsoft MISP.

An MCP server that enables AI assistants to interact with AWS security services.

The new Bright MCP Server enables AI assistants to directly interact with Bright and manage security scans end-to-end. Using natural language prompts, AI can now analyze existing coverage, identify missing or hidden entrypoints, add them to the project, select the most relevant security tests based on the application’s technology, and start scans automatically.

CVE database and vulnerability intelligence for AI agents. Search NIST NVD, check software security, find known vulnerabilities — no API key required.

Real-time CVE lookup via NIST NVD 2.0, CISA KEV alerts, EPSS exploitation probability, and MITRE ATT&CK mappings. 7 tools for AI-powered vulnerability assessment.

ISO 27001 information security compliance — control assessment, risk treatment, SoA generation by MEOK AI Labs

OWASP agentic AI security — prompt injection detection, tool poisoning prevention, agent trust boundaries by MEOK AI Labs

Security scanner for MCP servers and AI agent tooling. Detects prompt injection, command injection, auth bypass, and excessive permissions.

Security intelligence MCP server — 20 tools: CVE lookup (EPSS/KEV), domain recon, SSL, IP reputation, IOC, exploit search, code security. Free, no API key.

Security MCP server that turns your AI into a penetration tester.

Security scanner for MCP servers — detects prompt injection, credential leaks, and tool poisoning with 52 CVSS-scored rules

Security scanner for MCP servers — detects tool poisoning, prompt injection, and 90+ vulnerability patterns

Security-hardened NotebookLM MCP with post-quantum encryption, GDPR/SOC2 compliance, and 14 security layers. Query Google's Gemini-grounded research from any MCP-compatible AI assistant.

Security testing MCP server with 51 tools for penetration testing, network forensics, memory analysis, and vulnerability assessment.

Security gateway for MCP servers — per-tool policies, Ed25519-signed receipts, human approval gates, and Cedar WASM policy engine.

Security gateway that blocks prompt-injection-driven tool calls (poisoned payments, fabricated results) using cryptographic receipts, value-provenance enforcement, and multi-model consensus. Sits in front of any MCP server.

Security scanner for MCP servers and agent skills — query trust scores, check for vulnerabilities, and search the Vigile trust registry

Security and compliance layer for MCP agents. The analyze_prompt tool checks any input — user messages, RAG retrievals, tool outputs — for prompt injection (22 deterministic signatures, 7 languages) and PII before your model sees it. Every verdict returns a signed audit record (SHA-256 + UUID + UTC) you can retain as GDPR Art. 30 evidence. Free tier: 10,000 requests/month.

AI-powered QA harness that catches JS errors, accessibility failures, visual regressions, and security issues via Chrome DevTools MCP — no test scripts required.

Give me a one - two sentence description of the BCMS MCP # MCP The BCMS Model Context Protocol (MCP) integration enables AI assistants like Claude, Cursor, and other MCP-compatible tools to interact directly with your BCMS content. This allows you to create, read, and update content entries, manage media files, and explore your content structure—all through natural language conversations with AI. ## What is MCP? The [Model Context Protocol (MCP)](https://modelcontextprotocol.io/) is an open standard developed by Anthropic that allows AI applications to securely connect to external data sources and tools. With BCMS MCP support, you can leverage AI assistants to: - Query and explore your content structure - Create new content entries with AI-generated content - Update existing entries - Manage your media library - Get intelligent suggestions based on your content model --- ## Getting Started ### Prerequisites 1. A BCMS account with an active instance 2. An MCP key with appropriate permissions 3. An MCP-compatible client (Claude Desktop, Cursor, or any MCP client) ### Step 1: Create an MCP Key 1. Navigate to your BCMS dashboard 2. Go to Settings → MCP 3. Click Create MCP Key 4. Configure the permissions for templates you want the AI to access:GET: Read entries 5. POST: Create entries 6. PUT: Update entries 7. DELETE: Delete entries Note: Right now, MCP only supports creating, reading and updating content. ### Step 2: Configure Your MCP Client You can find full instructions for integrating BCMS with your AI tools right inside BCMS, on the MCP page. But in general, installing BCMS MCP works in a standard way: ``` { "mcpServers": { "bcms": { "url": "https://app.thebcms.com/api/v3/mcp?mcpKey=YOUR_MCP_KEY" } } } ``` ## Available Tools Once connected, your AI assistant will have access to the following tools based on your MCP key permissions: ### Content Discovery #### list_templates_and_entries Lists all templates and their entries that you have access to. This is typically the first tool to call when exploring your BCMS content. Returns: - Template IDs, names, and slugs - Entry IDs with titles and slugs for each language Example prompt: "Show me all the templates and entries in my BCMS" --- ### Entry Management #### list_entries_for_{templateId} Retrieves all entries for a specific template with full content data. A separate tool is generated for each template you have access to. Returns: - Complete entry data including all meta fields - Content in all configured languages - Entry statuses Example prompt: "List all blog posts from my Blog template" --- #### create_entry_for_{templateId} Creates a new entry for a specific template. The input schema is dynamically generated based on your template's field structure. Input: - statuses: Array of status assignments per language - meta: Array of metadata for each language (title, slug, custom fields) - content: Array of content nodes for each language Example prompt: "Create a new blog post titled 'Getting Started with BCMS' with a brief introduction paragraph" --- #### update_entry_for_{templateId} Updates an existing entry for a specific language. Input: - entryId: The ID of the entry to update - lng: Language code (e.g., "en") - status: Optional status ID - meta: Updated metadata - content: Updated content nodes Example prompt: "Update the introduction paragraph of my 'Getting Started' blog post" --- ### Media Management #### list_all_media Lists all media files in your media library. Returns: - Media IDs, names, and types - File metadata (size, dimensions for images) - Parent directory information Example prompt: "Show me all images in my media library" --- #### list_media_dirs Lists the directory structure of your media library. Returns: - Hierarchical directory structure - Directory IDs and names Example prompt: "Show me the folder structure of my media library" --- #### create-media-directory Creates a new directory in your media library. Input: - name: Name of the directory - parentId: Optional parent directory ID (root if not specified) Example prompt: "Create a new folder called 'Blog Images' in my media library" --- #### request-upload-media-url Returns a URL you use to upload a file (for example via POST with multipart form data), which avoids pushing large binaries through the MCP tool payload. You still need a valid file name and MIME type when uploading, as described in the tool response. Availability: Only when the MCP key has Can mutate media enabled. Example prompt: “Give me an upload URL for a new hero image, then tell me how to upload it.” Input: - fileName: Name of the file with extension - fileData: Base64-encoded file data (with data URI prefix) - parentId: Optional parent directory ID Example prompt: "Upload this image to my Blog Images folder" --- ### Linking Tools #### get_entry_pointer_link Generates an internal BCMS link to an entry for use in content. Input: - entryId: The ID of the entry to link to Returns: - Internal link format: entry:{entryId}@*_{templateId}:entry Example prompt: "Get me the internal link for the 'About Us' page entry" --- #### get_media_pointer_link Generates an internal BCMS link to a media item for use in content. Input: - mediaId: The ID of the media item Returns: - Internal link format: media:{mediaId}@*_@*_:entry Example prompt: "Get the link for the hero image so I can use it in my blog post" --- ## Content Structure ### Entry Content Nodes When creating or updating entries, content is structured as an array of nodes. Supported node types include: Type Description paragraph Standard text paragraph heading Heading (h1-h6) bulletList Unordered list orderedList Numbered list listItem List item codeBlock Code block with syntax highlighting blockquote Quote block image Image node widget Custom widget with props ### Example Content Structure ``` { "content": [ { "lng": "en", "nodes": [ { "type": "heading", "attrs": { "level": 1 }, "content": [ { "type": "text", "text": "Welcome to BCMS" } ] }, { "type": "paragraph", "content": [ { "type": "text", "text": "This is your first paragraph." } ] } ] } ] } ``` ## Security & Permissions ### MCP Key Scopes Your MCP key controls what the AI can access: - Template Access: Only templates explicitly granted in the MCP key are visible - Operation Permissions: Each template can have independent GET/POST/PUT/DELETE permissions - Media Access: Media operations are controlled separately ### Best Practices 1. Principle of Least Privilege: Only grant the permissions needed for your use case 2. Separate Keys: Create different MCP keys for different purposes or team members 3. Regular Rotation: Periodically rotate your MCP keys ## Use Cases ### Content Creation Workflows Blog Post Creation "Create a new blog post about the benefits of headless CMS. Include an introduction, three main benefits with explanations, and a conclusion. Use the Blog template." Product Updates "Update the price field for all products in the Electronics category to apply a 10% discount" ### Content Exploration Content Audit "List all blog posts that don't have a featured image set" Translation Status "Show me which entries are missing German translations" ### Media Organization Library Cleanup "Show me all unused images in the media library" Folder Setup "Create folder structure for: Products > Categories > Electronics, Clothing, Home" ## Troubleshooting ### Common Issues #### "MCP key not found" - Verify your MCP key format: keyId.keySecret.instanceId - Ensure the MCP key hasn't been deleted or deactivated - Check that you're using the correct instance #### "MCP key does not have access to template" - Review your MCP key permissions in the dashboard - Ensure the required operation (GET/POST/PUT/DELETE) is enabled for the template #### Session Expired - MCP sessions may timeout after periods of inactivity - Simply start a new conversation to establish a fresh session ### Getting Help - Documentation: [thebcms.com/docs](https://thebcms.com/docs) - Support: [[email protected]](mailto:[email protected]) - Community: [Join BCMS Discord](https://discord.com/invite/SYBY89ccaR) for community support ## Technical Reference ### Endpoint POST https://app.thebcms.com/api/v3/mcp?mcpKey={MCP_KEY} ### Transport BCMS MCP uses the Streamable HTTP transport with session management. Sessions are maintained via the mcp-session-id header. ### Response Format All tools return structured JSON responses conforming to the MCP specification with: - content: Array of content blocks - structuredContent: Typed response data ## Rate Limits MCP requests are subject to the same rate limits as API requests: - Requests are tracked per MCP key - Contact support if you need higher limits for production workloads

BoostSecurity MCP acts as a safeguard preventing agents from adding vulnerable packages into projects. It analyzes every package an AI agent introduces, flags unsafe dependencies, and recommends secure, maintained alternatives to keep projects protected.

A production-grade Model Context Protocol (MCP) server that turns Claude into a full-spectrum security analyst. Instead of juggling 15+ browser tabs across NVD, EPSS, CISA KEV, Shodan, VirusTotal, and GreyNoise, ask Claude one question and get correlated intelligence in seconds. Built with Python, FastMCP, httpx, aiosqlite, Pydantic v2, and defusedxml.

A demonstration tool showcasing potential security attack vectors against the Model Control Protocol (MCP).

A comprehensive Model Context Protocol (MCP) server for penetration testing and cybersecurity operations, providing seamless integration between Kali Linux tools and MCP-compatible clients.

MCPMate is a comprehensive Model Context Protocol (MCP) management center designed to address configuration complexity, resource consumption, security risks, and other issues in the MCP ecosystem, providing users with a unified management platform.

An open-source security proxy and active firewall for the Model Context Protocol (MCP).

MCP security gateway with DLP scanning (PII, secrets, API keys), prompt injection protection, Memory Vault, Bug Vault (295k+ patterns), and unified audit logging. Two endpoints: free bug search at /mcp and authenticated hub at /hub_mcp.

RepoFortify is a remote MCP server for production-readiness and security scanning. Connect it to your AI coding tool — Lovable, ChatGPT, Codex, Claude Code, Cursor, and other MCP clients — and scan your repository, review risk findings, and get AI fix plans without leaving where you build. Authentication required on every request; your data stays isolated to you.

A security-focused MCP server for performing safe operations on an Ubuntu system, featuring robust security controls and audit logging.

AI agent security scanner — protect LLM-powered apps from prompt injection, SQL injection, data exfiltration, and adversarial attacks via MCP.