@zfuzz/mcp
v0.2.1
Published
Security copilot for your IDE. SAST, SCA, secrets, threat modeling — right where you code. Rust-native, zero config, runs 100% locally.
Maintainers
Readme

Install · Tools · Agents · When to use · Security · zfuzz.com
Zfuzz — security for everyone who builds with AI
You ask. Your AI answers with real scanners — not guesses.
Catch SQL injection, leaked API keys, and vulnerable dependencies while you build — no security background required. You don't run tools. You don't read dashboards. You just talk to your AI, and Zfuzz gives it real answers.
$0 · Apache-2.0 · No account · No API key · 100% local · Nothing leaves your machine
Made for vibe coders and developers alike. It plugs straight into the AI tools you already use — Cursor, Claude Code, Codex, Gemini CLI, OpenCode — and the web builders AI Studio, v0, and Lovable.
⚡ Add it in 10 seconds
Pick your tool. Copy one line. Done. No setup wizard, no account, no config to learn.
Cursor — one click
Click the button → Cursor opens → press Install. That's your two clicks.
Claude Code
Paste this in the chat and hit enter:
claude mcp add zfuzz -- npx -y @zfuzz/mcpVS Code (Copilot)
code --add-mcp '{"name":"zfuzz","command":"npx","args":["-y","@zfuzz/mcp"]}'Codex
codex mcp add zfuzz npx -y @zfuzz/mcpGemini CLI
gemini mcp add zfuzz npx -y @zfuzz/mcpLovable · v0 · AI Studio — in your browser, no install
Open your tool's MCP / Integrations settings and paste this URL:
https://api.zfuzz.com/mcpClaude Desktop — Settings → Developer → Edit Config, then add:
{
"mcpServers": {
"zfuzz": { "command": "npx", "args": ["-y", "@zfuzz/mcp"] }
}
}OpenCode — add to opencode.json:
{
"mcp": {
"zfuzz": { "type": "local", "command": ["npx", "-y", "@zfuzz/mcp"] }
}
}Self-host the web (HTTP) endpoint instead of using the hosted URL:
npx -y @zfuzz/mcp --transport http --port 8099Then point your tool at http://localhost:8099/mcp.
(Use port 8099, not 8090 — 8090 is the Zfuzz platform's own port.)
That's it. Keep talking to your AI like normal — the first time your code needs a security check, it calls Zfuzz on its own.
Agent compatibility matrix
Works with every major AI coding agent — and any MCP-compatible client. One line locally, or a hosted URL in the browser. Same 10 tools everywhere.
| Agent | Zfuzz | One-line setup |
|---|:---:|---|
| Claude Code | ✅ | claude mcp add zfuzz -- npx -y @zfuzz/mcp |
| Cursor | ✅ | one-click button above (or .cursor/mcp.json) |
| VS Code · Copilot | ✅ | code --add-mcp '{"name":"zfuzz",…}' |
| Codex | ✅ | codex mcp add zfuzz npx -y @zfuzz/mcp |
| Gemini CLI | ✅ | gemini mcp add zfuzz npx -y @zfuzz/mcp |
| Claude Desktop | ✅ | add zfuzz to the MCP config |
| OpenCode | ✅ | add zfuzz to opencode.json |
| Lovable · v0 · AI Studio | ✅ | paste the hosted URL https://api.zfuzz.com/mcp |
| Any other MCP client | ✅ | stdio npx -y @zfuzz/mcp, or the hosted URL in-browser |
No per-agent config to learn — the exact copy-paste line for each is under Add it in 10 seconds.
What it feels like
You: Is my login page safe?
AI: [scans your file] Found 2 issues:
- SQL injection on line 42 — anyone could read your whole database.
- No rate limiting on the login — bots can guess passwords forever. Here's the fix… [writes the patch]
You: Did I leave any passwords or keys in my code?
AI: [scans the project] Yes — your OpenAI key is hard-coded in
config.js. Anyone who sees this repo can use it on your bill. Move it to an environment variable — here's how…
You: Are the packages I installed safe?
AI: [checks your dependencies] 2 have known security holes.
lodashlets attackers run code on your server. One command fixes both:npm update lodash axios.
You never typed a command, opened a scanner, or read a report. You just asked.
See it in action

You vibecode it. It ships with holes you can't see. Zfuzz catches them all — before you ship, for $0.
You don't need to understand security
- You never run a scanner yourself — your AI does, automatically, when it matters.
- You never read a dashboard — answers come back in plain English, in your chat.
- You never pay and nothing leaves your computer — no account, no cloud, no API key.
If you can copy-paste one line, you're covered.
What's under the hood
10 real tools your AI can call (it picks the right one — you don't have to):
| Tool | In plain English |
|------|------------------|
| scan_code | Finds bugs attackers exploit — 441 rules, 7 languages (Python, JS/TS, Go, Java, Rust, Ruby, PHP). |
| scan_secrets | Catches leaked passwords & API keys — 419 patterns (AWS, GitHub, Stripe, OpenAI, Anthropic…). |
| scan_dependencies | Flags packages with known security holes (CVEs via OSV.dev). |
| scan_mcp_config | Audits the MCP servers you install — hidden instructions, unicode tricks, wildcard permissions, unauthenticated remote servers. Returns a risk score + install verdict. |
| scan_skill | Vets an agent skill (its SKILL.md + bundled scripts) before you install it — hidden instructions, unicode deception, over-broad triggers, wildcard tool grants, and dangerous code or leaked secrets in its scripts. |
| reconcile_permissions | Compares the tools your agents actually use against what they declared — flags capabilities used but never declared, and permissions granted but never used (least privilege, from runtime telemetry). |
| check_mitre | Maps any finding to real-world attack techniques (MITRE ATT&CK). |
| threat_model | Asks "how could this be attacked?" across your whole project (STRIDE + MITRE). |
| explain_finding | Explains any vulnerability — and the fix — in everyday language. |
| search_security_procedures | Looks up 754 security playbooks (incident response, hardening, compliance). |
Built in Rust for sub-second answers. The AI brain is your editor's own model (Claude/GPT) — Zfuzz adds the security muscle, not another subscription.
What's inside
| | | |---|---| | 441 SAST rules across 7 languages | 419 secret-detection patterns | | 75+ MITRE ATT&CK techniques | 754 security playbooks | | Rust — sub-second scans | 100% local — nothing leaves your machine |
What a scan actually returns
You: Is this skill safe to install?
AI: [runs
scan_skill]Verdict: DO NOT INSTALL (risk 100/100, 6 findings) CRIT ZF-C001 Prompt Injection Pattern Detected @ description MED ZF-SK001 Overly Broad Skill Trigger @ description HIGH ZF-LP001 Wildcard Permission Grant (Bash(*), *) @ allowed-tools CRIT ZF-C002 Pipe-to-Shell Download-Exec (curl | bash) @ setup.sh HIGH ZF-H001 Hardcoded Secret: AWS Access Key ID @ setup.shThis skill hides "ignore all previous instructions" in its description, grants itself every tool, and its setup script pipes a remote payload straight into a shell. Don't install it.
Every finding is from a real deterministic scanner — there is no model guessing in the scan path.
Why not Snyk or Semgrep?
| | Snyk / Semgrep | Zfuzz | |---|---|---| | Where | A pipeline, 5–10 min after you push | Right in your editor, in seconds | | When | After the bug shipped | While you're writing it | | How | A dashboard + email alerts | A normal conversation with your AI | | For non-coders | No — built for security teams | Yes — built for you | | Cost | $25–100 / dev / month | Free, forever |
When to use · When to skip
Great fit if you…
- Vibecode apps with AI (Lovable, Cursor, v0, Bolt, Claude Code) and want them checked before you ship — without learning security.
- Want leaked keys, injectable code, and risky dependencies caught right in your editor, in plain English.
- Want to vet an MCP server or agent skill before you install it.
Skip it if you…
- Already run a full security team + pipeline and don't want findings in the editor.
- Work fully offline with no Node.js (the scanner binary is pulled via
npx/@zfuzz/cli). - Need a hosted dashboard with audit logs and SSO — that's the Zfuzz platform, not the free MCP.
Updating
npx -y @zfuzz/mcp always resolves the latest published version — most people never do anything.
npm view @zfuzz/mcp version # see the latest release
npm i -g @zfuzz/cli@latest # only if you pinned the CLI globallyPinned a version in your MCP config? Bump it (or drop the pin) and restart your agent.
Documentation
| Start here | Go deeper | |---|---| | User guide — install & first scan | What it scans — coverage & approach | | Security policy — reporting & local-first design | Contributing — dev setup | | Add it in 10 seconds — every agent | zfuzz.com — the full platform |
Free · Open · Local
No API keys. No cloud account. No telemetry. Runs 100% on your machine — your code never leaves it. Apache-2.0 licensed, open source.
Contributing
Issues and PRs welcome — see CONTRIBUTING.md for dev setup. Found a vulnerability? Please follow SECURITY.md — don't open a public issue.
Community & support
- Questions / bugs — open an issue on this repo.
- Security reports — see SECURITY.md.
- The platform — zfuzz.com.
License
Apache-2.0 — free & open source. © Zfuzz
Part of the Zfuzz security platform.
