Model Context Protocol moderate risk

Intruder

This MCP server allows clients to interact with Intruder.io for vulnerability scanning and security monitoring via API, requiring an API key for authentication.

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

readwrite

Quickstart

Config

{
  "mcpServers": {
    "intruder": {
      "command": "uv",
      "args": [
        "--directory",
        "path/to/intruder-mcp/intruder_mcp",
        "run",
        "server.py"
      ],
      "env": {
        "INTRUDER_API_KEY": "your-api-key"
      }
    }
  }
}

Exposed MCP Tools (4)

moderate

start_scan

Initiates a new vulnerability scan on Intruder.io.

Starting scans can consume resources and potentially trigger alerts.

safe

get_scan_results

Retrieves the results of a specific vulnerability scan.

Read-only operation with no side effects.

safe

list_scans

Lists all vulnerability scans associated with the Intruder.io account.

Read-only operation with no side effects.

high

update_target

Updates the target configuration for a specific scan.

Modifying target configurations can impact scan scope and results.

Safety Assessment

This MCP server is relatively safe when the Intruder API key is managed securely. Risks increase if the API key is exposed or if the client is configured to make destructive changes to Intruder configurations. Exercise caution when granting write access.

API key authentication required.
Intruder.io handles the underlying security scanning.
Limited scope of operations through the Intruder API.
No direct system-level access.

Exposure of Intruder API key if not handled securely.
Potential for unintended modifications to Intruder configurations.
Reliance on Intruder.io's security measures.
Vulnerability scanning can potentially trigger alerts or actions based on scan results.