Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

tatavarthitarun/nowsecure-mcp-server

БесплатноНе проверен

MCP server for NowSecure Platform mobile security testing. List applications, pull remediation findings via GraphQL, and generate PDF reports locally (bypasses

GitHubEmbed

Описание

MCP server for NowSecure Platform mobile security testing. List applications, pull remediation findings via GraphQL, and generate PDF reports locally (bypasses broken UI export). Published as nowsecure-mcp-server. npx -y nowsecure-mcp-server

README

Made by Tatavarthi Tarun · LinkedIn

A small Model Context Protocol (MCP) server for NowSecure Platform. Built to work around the broken UI PDF export (Failed to load report data: Enum "JiraIntegrationCustomFieldType" cannot represent value: "") by pulling findings through the REST + GraphQL APIs and, when needed, rendering the remediation PDF locally instead of relying on NowSecure's report service.

Requirements

  • Node.js >= 18 (the only prerequisite — npx fetches the package on demand)
  • A NowSecure Platform API token (PAT) — each user supplies their own (see Auth)

Tools

Tool What it does
list_applications Lists your portfolio apps (REST). Find app refs + latest assessment.
get_remediation_findings Returns findings needing remediation as JSON (GraphQL). Ideal for feeding an agent.
generate_remediation_pdf Renders a clean PDF locally from the findings. Works even when NowSecure's renderer fails.
download_assessment_pdf Tries NowSecure's REST PDF endpoint (separate path from the broken UI export).

Auth (each user uses their own token)

Every user generates their own NowSecure Platform API bearer token (PAT) and puts it in their local MCP config. No token is bundled with this package.

Create one in Platform: Profile icon (top right) > Tokens.

  • NOWSECURE_TOKEN (required) — your personal PAT
  • NOWSECURE_API_BASE (optional) — defaults to https://api.nowsecure.com

Install

No clone or manual install needed — npx fetches and runs the latest version. You just need Node.js >= 18.

MCP client config

All examples run the package via npx (no clone/install needed — just Node.js

= 18). Replace the token with your own personal PAT.

Claude Code

Use the CLI (recommended — it validates and writes to the right file):

claude mcp add nowsecure --env NOWSECURE_TOKEN=<your-personal-pat-here> -- npx -y nowsecure-mcp-server

Add --scope user to make it available across all your projects. Or edit .mcp.json (project) / ~/.claude.json (user) directly:

{
  "mcpServers": {
    "nowsecure": {
      "command": "npx",
      "args": ["-y", "nowsecure-mcp-server"],
      "env": { "NOWSECURE_TOKEN": "<your-personal-pat-here>" }
    }
  }
}

Cursor

Edit ~/.cursor/mcp.json (global) or .cursor/mcp.json (per project):

{
  "mcpServers": {
    "nowsecure": {
      "command": "npx",
      "args": ["-y", "nowsecure-mcp-server"],
      "env": { "NOWSECURE_TOKEN": "<your-personal-pat-here>" }
    }
  }
}

Google Antigravity

In the agent panel / Settings, open MCP Servers → Manage / Raw Config to edit mcp_config.json, then add:

{
  "mcpServers": {
    "nowsecure": {
      "command": "npx",
      "args": ["-y", "nowsecure-mcp-server"],
      "env": { "NOWSECURE_TOKEN": "<your-personal-pat-here>" }
    }
  }
}

GitHub Copilot (VS Code)

VS Code uses a top-level servers key (not mcpServers). Add to .vscode/mcp.json in your workspace, or your user mcp.json (Command Palette → MCP: Open User Configuration):

{
  "servers": {
    "nowsecure": {
      "type": "stdio",
      "command": "npx",
      "args": ["-y", "nowsecure-mcp-server"],
      "env": { "NOWSECURE_TOKEN": "<your-personal-pat-here>" }
    }
  }
}

Kiro

Add to ~/.kiro/settings/mcp.json (global) or .kiro/settings/mcp.json (workspace):

{
  "mcpServers": {
    "nowsecure": {
      "command": "npx",
      "args": ["-y", "nowsecure-mcp-server"],
      "env": { "NOWSECURE_TOKEN": "<your-personal-pat-here>" },
      "disabled": false,
      "autoApprove": ["list_applications", "get_remediation_findings"]
    }
  }
}

If published to a private/scoped registry, use the scoped name instead, e.g. "args": ["-y", "@your-scope/nowsecure-mcp-server"].

Example usage

First list your apps with list_applications to find an app ref, then ask your agent (placeholders shown — substitute your own refs):

Generate a remediation PDF for app <app-ref-uuid> to ./remediation.pdf

If you omit the assessment ref, the latest assessment for that app is used.


Author

Tatavarthi Tarun 🎈💜 linkedin.com/in/tatav

If this saved you from NowSecure's broken PDF export, a connect on LinkedIn is appreciated!

from github.com/tatavarthitarun/nowsecure-mcp-server

Установка tatavarthitarun/nowsecure-mcp-server

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/tatavarthitarun/nowsecure-mcp-server

FAQ

tatavarthitarun/nowsecure-mcp-server MCP бесплатный?

Да, tatavarthitarun/nowsecure-mcp-server MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для tatavarthitarun/nowsecure-mcp-server?

Нет, tatavarthitarun/nowsecure-mcp-server работает без API-ключей и переменных окружения.

tatavarthitarun/nowsecure-mcp-server — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить tatavarthitarun/nowsecure-mcp-server в Claude Desktop, Claude Code или Cursor?

Открой tatavarthitarun/nowsecure-mcp-server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare tatavarthitarun/nowsecure-mcp-server with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории design