Sentinel

Provides enterprise-grade security scanning and compliance tooling via an MCP server with Dockerized tools and JSON logs.
  • Language: python
  • GitHub Stars: 1
  • First Indexed: 3 months ago
  • Catalog Refreshed: 3 weeks ago

Documentation & install


Sentinel MCP Server provides enterprise-grade security scanning and compliance tooling executed in isolated Docker containers, allowing you to integrate security checks into your development workflow without installing tools locally. It orchestrates a suite of scanners, supports structured logging, and offers AI-assisted threat modeling to help you assess risks across your projects.

How to use

You connect to Sentinel MCP Server from your MCP client to run automated security checks on your codebase and dependencies. Start the server locally or remotely, then trigger scans from your client using the standard MCP workflow. You can run a full suite of tools for SAST, SCA, secret scanning, DAST, and API fuzzing, and you can view results in JSON-formatted logs for easy consumption by your dashboards.

How to install

Prerequisites: Docker and Python 3.13 or higher installed on your machine.

Step 1. Prepare the workspace and environment for a local development setup.

Step 2. Install dependencies and run the server locally.

1.  Clone the project and change into its directory
    cd sentinel-mcp-server

2.  Create a virtual environment
    python3 -m venv .venv
    source .venv/bin/activate

3.  Install dependencies
    pip install .

To start the MCP server for testing, use the runtime command described in the next section.

Runtime and running the server

To run Sentinel MCP Server locally, start it using the MCP runtime command as shown below. This launches the Python entry point that powers the MCP server.

mcp run python src/sentinel/server.py

Available tools

Semgrep

SAST analysis using the Semgrep engine with OWASP Top 10 and CWE rules to identify security issues in code.

Trivy

SCA and compliance scanning to detect vulnerable components and policy violations.

Grype

Vulnerability scanning for container images and software packages.

Gitleaks

Secret scanning to detect exposed credentials in codebases.

OWASP ZAP

DAST web application scanning to find runtime security issues.

ClamAV

Malware scanning to detect malicious code or payloads.

Schemathesis

API fuzzing to validate REST/GraphQL APIs against schemas.

EOL Scanner

Runtime and framework end-of-life checks via built-in API.

Crypto Scanner

SSL/TLS compliance checks for certificates and configurations.

AI Threat Modeler

STRIDE analysis with AI-assisted threat modeling and diagrams.
