feat: migrate from Invariant mcp-scan to Cisco AI Defense mcp-scanner #292
+789
−415
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace Invariant Labs mcp-scan tool with the open-source Cisco AI Defense mcp-scanner for MCP security scanning. Key changes: - Update scripts to use Cisco scanner with stdio mode - Migrate issue codes from Invariant (TF001, TF002, E001, W001) to AITech taxonomy (AITech-8.2, AITech-9.1, AITech-12.1, AITech-1.1) - Add optional LLM analyzer support for semantic analysis - Update all spec.yaml allowlists to use new taxonomy - Update CI workflow and Taskfile for new scanner - Update documentation with LLM provider configuration The scanner supports both YARA (pattern-based, always enabled) and LLM (semantic, optional) analyzers. LLM analysis can be enabled via MCP_SCANNER_ENABLE_LLM environment variable. Refs: https://github.com/cisco-ai-defense/mcp-scanner Co-Authored-By: Claude Opus 4.5 <[email protected]>
🔒 MCP Security Scan Results✅ adb-mysql-mcp-server
✅ arxiv-mcp-server
|
- Use --stdio-args instead of deprecated --stdio-arg in run_scan.py - Redirect stderr to separate file instead of combining with stdout to prevent JSON corruption in CI and local scans - Use JSONDecoder.raw_decode() to handle extra data after JSON - Show stderr output for debugging when scans fail These fixes address CI failures caused by stderr output (like MCP server startup messages) being mixed with JSON output. Co-Authored-By: Claude Opus 4.5 <[email protected]>
Revert from --stdio-args back to --stdio-arg. While --stdio-arg is deprecated, --stdio-args has different argument parsing behavior that causes issues with some package names in CI. Co-Authored-By: Claude Opus 4.5 <[email protected]>
These MCP servers require API credentials to start and cannot be scanned in CI without them. Adding insecure_ignore: true allows CI to pass while documenting the credential requirements. Servers updated: - context7 (CONTEXT7_API_KEY) - brightdata-mcp (API_TOKEN) - browserbase-mcp-server (BROWSERBASE_API_KEY, BROWSERBASE_PROJECT_ID, GEMINI_API_KEY) - graphlit-mcp-server (GRAPHLIT_JWT_SECRET) - heroku-mcp-server (HEROKU_API_KEY) - launchdarkly-mcp-server (LD_ACCESS_TOKEN) - magic-mcp (API_KEY) - mcp-server-neon (NEON_API_KEY) - notion (NOTION_TOKEN) - phoenix-mcp (PHOENIX_API_KEY, PHOENIX_BASE_URL) - sentry-mcp-server (SENTRY_ACCESS_TOKEN) - supabase-mcp-server (SUPABASE_ACCESS_TOKEN) - mcp-neo4j-memory (NEO4J_URL, NEO4J_USERNAME, NEO4J_PASSWORD) Co-Authored-By: Claude Opus 4.5 <[email protected]>
These servers also require API credentials to start: - mcp-server-circleci (CIRCLECI_API_TOKEN) - onchain-mcp (Bankless API credentials) Co-Authored-By: Claude Opus 4.5 <[email protected]>
This server requires Astra DB credentials to start and cannot be scanned in CI without them. Co-Authored-By: Claude Opus 4.5 <[email protected]>
rdimitrov
approved these changes
Jan 16, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Changes
Core Scripts
scripts/mcp-scan/run_scan.py: Rewrote to use Cisco scanner with stdio modescripts/mcp-scan/process_scan_results.py: Updated to parse AITech taxonomy findingsscripts/mcp-scan/generate_mcp_config.py: Simplified for stdio modescripts/mcp-scan/global_allowed_issues.yaml: Cleared (Invariant-specific codes removed)scripts/mcp-scan/README.md: Added LLM providers documentationCI/CD
.github/workflows/build-containers.yml: Updated scanner invocationTaskfile.yml: Updated scan tasksSpec Files (20 files)
Updated security allowlists with AITech taxonomy codes for all MCP servers.
Documentation
Issue Code Mapping
LLM Analysis (Optional)
The scanner supports optional LLM analysis for better semantic understanding:
Supports 100+ providers via LiteLLM (OpenAI, Anthropic, AWS Bedrock, Ollama, etc.)
Test plan
task scan-setupto install scannertask scan -- npx/context7to test single server scantask scan-allto verify all servers passMCP_SCANNER_ENABLE_LLM=true🤖 Generated with Claude Code