io.github.cyanheads/pentest-mcp-server

io.github.cyanheads/pentest-mcp-server·v0.1.1·Search

Offline methodology engine for authorized penetration testing, CTF, and security research.

Trust verdict · v1 advisory · method

NOT YET SCREENEDno verdict on file

Verdict not yet evaluated for this tool. The hybrid eval runs adversarial cases first; coverage rolls out as the corpus expands (15 of 150 labels to graduation). Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: hybrid eval, four-state verdict, honest limits.

Environment variables

MCP_LOG_LEVEL

Sets the minimum log level for output (e.g., 'debug', 'info', 'warn').

MCP_HTTP_HOST

The hostname for the HTTP server.

MCP_HTTP_PORT

The port to run the HTTP server on.

MCP_HTTP_ENDPOINT_PATH

The endpoint path for the MCP server.

MCP_AUTH_MODE

Authentication mode to use: 'none', 'jwt', or 'oauth'.

MCP_LOG_LEVEL

Sets the minimum log level for output (e.g., 'debug', 'info', 'warn').

MCP quality score · maturity, not trust · methodology

freshness

completeness

installability

documentation

stability

Alternatives in Search

Agentic News

ai.agentic-news/mcp

AI-powered news intelligence — 21 tools for personalized monitoring, briefings, and semantic search

Boolsai Signals

ai.boolsai/signals

Quant-research MCP — tradeable signals from public-company website stack changes. 7 tools.

BuyWhere MCP

ai.buywhere/buywhere-mcp

Product search, price comparison, and affiliate-ready shopping across Singapore and US retailers.

Install

Remote endpoint

Streamable HTTP / SSE endpoint. Add to any MCP client that supports remote servers.

https://pentest.caseyjhand.com/mcp

Claude Desktop (claude_desktop_config.json)

{
  "mcpServers": {
    "pentest-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@cyanheads/pentest-mcp-server"
      ],
      "env": {
        "MCP_LOG_LEVEL": "info",
        "MCP_HTTP_HOST": "127.0.0.1",
        "MCP_HTTP_PORT": "3010",
        "MCP_HTTP_ENDPOINT_PATH": "/mcp",
        "MCP_AUTH_MODE": "none"
      }
    }
  }
}

Cursor (.cursor/mcp.json)

{
  "mcpServers": {
    "pentest-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@cyanheads/pentest-mcp-server"
      ],
      "env": {
        "MCP_LOG_LEVEL": "info",
        "MCP_HTTP_HOST": "127.0.0.1",
        "MCP_HTTP_PORT": "3010",
        "MCP_HTTP_ENDPOINT_PATH": "/mcp",
        "MCP_AUTH_MODE": "none"
      }
    }
  }
}

Cline (cline_mcp_settings.json)

npx -y @cyanheads/pentest-mcp-server

Verdict API

curl -s mcpindex.ai/api/v1/trust/server/io-github-cyanheads-pentest-mcp-server

Free-tier verdict as JSON: decision + dimensions + severity. Call it from your agent before it invokes a tool it just discovered.

Details

version: v0.1.1
category: Search
quality: 80 / 100
operator: cyanheads

Provenance

Verdict history is anchored to Bitcoin via OpenTimestamps. The free tier returns the current verdict only; the anchored record is served on the authenticated tier.

Links

Repository →Remote endpoint →