VSGuard

MCP server to make your code compliant with ASVS requirements
  • python

3

GitHub Stars

python

Language

6 months ago

First Indexed

2 months ago

Catalog Refreshed

Documentation & install

Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.

Installation

Add the following to your MCP client configuration file.

Configuration

View docs

VSGuard MCP is a security-focused MCP server that integrates OWASP ASVS guidance and vulnerability scanning into your AI-assisted coding workflow. It helps AI agents generate secure code from the start by providing real-time security requirements, code scanning, and secure fixes as you type.

How to use

You connect VSGuard MCP to your MCP client (such as Claude Code or Cursor) to enable proactive security during code generation. You can discover ASVS categories, check security requirements before writing code, scan code for vulnerabilities, and generate secure code fixes with explanations. Use the HTTP configuration for remote operation or the stdio configuration for a local runtime, depending on your setup.

How to install

Prerequisites: Python installed on your system. You will also need pip to install dependencies.

Option 1: Install via Smithery (remote install) using the official installer.

# Install VSGuard MCP via Smithery
npx -y @smithery/cli install @harn1shmodi/vsguard

Configure the MCP client to connect to VSGuard

Choose either a remote HTTP connection or a local stdio connection. The following configurations are explicitly provided for VSGuard MCP.

{
  "mcpServers": {
    "vsguard": {
      "type": "http",
      "url": "https://vsguard.fastmcp.app/mcp",
      "args": []
    },
    "vsguard_mcp": {
      "type": "stdio",
      "command": "python",
      "args": ["/absolute/path/to/vsguard-mcp/src/server.py"]
    }
  }
}

Additional setup steps

If you plan to run VSGuard locally, install dependencies and start the server using the provided Python entry point.

Notes and usage tips

  • The HTTP config is the remote endpoint you connect to from your MCP client. - The stdio config runs a local Python server process that the MCP client can communicate with directly on your machine.

Tool capabilities you can use with VSGuard MCP

  • list_asvs_categories: Discover all ASVS chapters and categories to target your security goals.

  • check_security_requirements: Retrieve relevant ASVS requirements before coding, filter by category or chapter, and adjust level to save tokens.

  • scan_code: Analyze code for vulnerabilities mapped to ASVS requirements.

  • suggest_fix: Generate secure code alternatives with explanations and remediation guidance.

Troubleshooting

If you cannot connect to the HTTP endpoint, verify the URL and network access. If you run a local stdio server, ensure the Python script path is correct and the server starts without errors.

Available tools

list_asvs_categories

Discover available ASVS categories and chapters to target security efforts.

check_security_requirements

Fetch relevant ASVS requirements before writing code, with filters for category, chapter, language, and level.

scan_code

Analyze code for vulnerabilities with ASVS mappings.

suggest_fix

Generate secure code alternatives with explanations and remediation guidance.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational