Armis Security Scanner

AI-powered security scanning. Scans code, files, and git diffs for vulnerabilities in real-time using the Armis scanning API.

GitHub

Armis AppSec MCP Plugin

AI-powered security scanning for Claude Code. Scans code, files, and git diffs for vulnerabilities in real-time using the Armis scanning API.

Features

scan_code — Scan a code snippet for vulnerabilities
scan_file — Scan a file on disk
scan_diff — Scan git changes (staged, unstaged, or diff against a branch)
Commit gate — Automatically blocks git commit, git push, and gh pr create until code is scanned
/security-scan — On-demand scanning via slash command

Installation

1. Add the marketplace

In Claude Code:

/plugin marketplace add ArmisSecurity/armis-appsec-mcp

2. Install the plugin

/plugin install armis-appsec@armis-appsec-mcp

This unpacks the plugin into a versioned directory under ~/.claude/plugins/cache/armis-appsec-mcp/armis-appsec/<version>/.

3. Set credentials

Run this in a shell after installing — it locates the unpacked plugin directory and writes .env into it:

PLUGIN_DIR="$(ls -dt ~/.claude/plugins/cache/armis-appsec-mcp/armis-appsec/*/ | head -1)"
cat > "$PLUGIN_DIR/.env" << 'EOF'
ARMIS_CLIENT_ID=<your-client-id>
ARMIS_CLIENT_SECRET=<your-client-secret>
EOF
chmod 600 "$PLUGIN_DIR/.env"

Contact the Armis AppSec team if you don't have credentials.

4. Restart Claude Code

The plugin loads automatically. Verify with:

/security-scan

Usage

Scan staged changes (default)

/security-scan

Scan a specific file

/security-scan path/to/file.py

Scan diff against a branch

/security-scan ref=main

Scan pasted code

Paste code into the conversation and ask:

Is this code secure?

Commit gate

When Claude runs git commit, git push, or gh pr create, the plugin automatically:

Blocks the command
Instructs Claude to scan the changes
Allows the command after a clean scan (no HIGH/CRITICAL findings)

If HIGH/CRITICAL findings are found, Claude will attempt to fix them. If findings remain after remediation, Claude asks for your approval before proceeding.

Configuration

Environment Variable	Default	Description
`ARMIS_CLIENT_ID`	(required)	Client ID for authentication
`ARMIS_CLIENT_SECRET`	(required)	Client secret for authentication
`APPSEC_ENV`	`prod`	`dev` or `prod` — selects API endpoint
`APPSEC_API_URL`	(auto)	Override the API base URL
`APPSEC_DEBUG`	(unset)	Set to any value to enable debug logging

Running Tests

pip install pytest httpx mcp[cli] python-dotenv
python -m pytest hooks/tests/ -v

Architecture

              +---------------------+
              |  Armis Cloud        |
              |  POST /scan/fast    |
              +--------+------------+
                       ^
                       | HTTPS (JWT Bearer)
              +--------+------------+
              |   Scanner Core       |
              |  scanner_core.py     |
              +--------+------------+
                 +-----+------+
                 |            |
           +-----v-----+ +---v---------+
           | MCP Server | | PreToolUse  |
           | server.py  | | Hook        |
           +------------+ +-------------+

License

Apache License 2.0 — see LICENSE for details.

İlgili Sunucular

Alpha Vantage MCP Server

sponsor

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Nanostores MCP

MCP server for the Nanostores library

SolHunt Solana Wallet Intelligence

Solana wallet health analysis platform and top-notch dev tool. Helps people and agents to recover their SOLs from burner and old wallets super securely. Features a complete trustless recovery flow natively via MCP: preview yields, build unsigned transactions, and sign locally.

Laravel MCP Server

A Laravel package for building secure Model Context Protocol servers with real-time communication using SSE.

MCPatterns

A server for storing and retrieving personalized coding patterns from a local JSONL file.

ast-grep MCP

An experimental MCP server that uses the ast-grep CLI for code structural search, linting, and rewriting.

Web3 MCP

Interact with multiple blockchains including Solana, Ethereum, THORChain, XRP Ledger, TON, Cardano, and UTXO chains.

Claude Code Exporter

Export and organize Claude Code conversations with powerful filtering. Supports CLI and MCP server integration for Claude Desktop.

evm-mcp

An MCP server that provides complete access to Ethereum Virtual Machine (EVM) JSON-RPC methods. Works with any EVM-compatible node provider including Infura, Alchemy, QuickNode, local nodes, and more.

Jupyter MCP Server

Interact with Jupyter notebooks running in any JupyterLab environment, supporting real-time control and smart execution of notebook cells.

Awesome LLMs Txt

Access documentation from the Awesome-llms-txt repository directly in your conversations.