{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"smithery_securityscan-api-securityscan","slug":"securityscan-api-securityscan","name":"SecurityScan","type":"mcp","url":"https://smithery.ai/servers/securityscan-api/securityscan","page_url":"https://unfragile.ai/securityscan-api-securityscan","categories":["code-review-security"],"tags":["mcp","model-context-protocol","smithery:securityscan-api/securityscan"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"smithery_securityscan-api-securityscan__cap_0","uri":"capability://safety.moderation.vulnerability.scanning.for.github.repositories","name":"vulnerability scanning for github repositories","description":"This capability scans GitHub repositories for various vulnerabilities such as prompt injection, malware, and OWASP risks by integrating with the GitHub API to fetch repository contents and analyze them against a set of predefined security rules. It employs static analysis techniques to identify potential security threats in the code and dependencies, generating detailed reports that outline the findings and compliance status. The use of a modular rule engine allows for easy updates to security checks as new vulnerabilities are discovered.","intents":["How can I check my GitHub repository for security vulnerabilities?","What are the OWASP risks present in my codebase?","Can I get a report on the security status of my project?"],"best_for":["developers maintaining open-source projects","security teams auditing codebases"],"limitations":["Limited to public repositories unless authenticated access is provided","May not detect runtime vulnerabilities as it performs static analysis only"],"requires":["GitHub account with access to repositories","Node.js 14+"],"input_types":["text","code"],"output_types":["structured data","text"],"categories":["safety-moderation","security-tools"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_securityscan-api-securityscan__cap_1","uri":"capability://safety.moderation.dependency.vulnerability.identification","name":"dependency vulnerability identification","description":"This capability identifies security threats in external dependencies by analyzing the package manifests (like package.json or requirements.txt) and cross-referencing them with known vulnerability databases. It uses a combination of heuristic and signature-based detection methods to flag outdated or vulnerable libraries, providing developers with actionable insights to remediate issues. The integration with popular vulnerability databases ensures that the tool remains up-to-date with the latest security threats.","intents":["How can I find vulnerabilities in my project's dependencies?","What external libraries in my project are outdated or insecure?","Can I get alerts for known vulnerabilities in my dependencies?"],"best_for":["developers managing complex projects with multiple dependencies","DevOps teams ensuring software supply chain security"],"limitations":["Dependency scanning is limited to supported package managers","Requires internet access to query vulnerability databases"],"requires":["Node.js 14+","Access to project repository"],"input_types":["text","code"],"output_types":["structured data","text"],"categories":["safety-moderation","dependency-management"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_securityscan-api-securityscan__cap_2","uri":"capability://data.processing.analysis.detailed.security.reporting","name":"detailed security reporting","description":"This capability generates comprehensive security reports that summarize the findings from the vulnerability scans and dependency checks. It compiles data into a structured format that includes severity levels, remediation steps, and compliance status, making it easy for developers and security teams to understand the security posture of their projects. The reports can be exported in various formats, including JSON and PDF, for sharing with stakeholders.","intents":["Can I get a detailed report on my project's security vulnerabilities?","How do I present security findings to my team?","What is the compliance status of my project based on the latest scans?"],"best_for":["project managers needing to report on security compliance","security auditors reviewing project health"],"limitations":["Reports may be limited in detail for smaller projects","Export formats may not include all data points"],"requires":["Node.js 14+","Access to project repository"],"input_types":["structured data"],"output_types":["structured data","text"],"categories":["data-processing-analysis","reporting-tools"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":38,"verified":false,"data_access_risk":"high","permissions":["GitHub account with access to repositories","Node.js 14+","Access to project repository"],"failure_modes":["Limited to public repositories unless authenticated access is provided","May not detect runtime vulnerabilities as it performs static analysis only","Dependency scanning is limited to supported package managers","Requires internet access to query vulnerability databases","Reports may be limited in detail for smaller projects","Export formats may not include all data points","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.5060187468268565,"quality":0.31,"ecosystem":0.38999999999999996,"match_graph":0.25,"freshness":0.5,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:28.138Z","last_scraped_at":"2026-05-03T15:18:30.334Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=securityscan-api-securityscan","compare_url":"https://unfragile.ai/compare?artifact=securityscan-api-securityscan"}},"signature":"ZVdOSOR+X517gjCqJxEyKz2DbkSt2Mce0+RPXqeGZDb2o8UMpda3QEYAGHhLIBAd8hq06wjlQCiQKoSffjjNAg==","signedAt":"2026-06-22T04:46:19.488Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/securityscan-api-securityscan","artifact":"https://unfragile.ai/securityscan-api-securityscan","verify":"https://unfragile.ai/api/v1/verify?slug=securityscan-api-securityscan","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}