npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

dradis-mcp

v2.1.0

Published

A FastMCP server for Dradis

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

literallyblahliterallyblah

Keywords

mcpfastmcpdradis

Readme

Dradis MCP

A FastMCP server implementation for interacting with Dradis Pro, a collaborative platform for information security teams. This MCP allows you to manage projects and vulnerabilities in Dradis directly through your MCP-enabled tools.

Features

  • Project Management
    • Create new projects
    • Get project details
    • Set active project for operations
  • Vulnerability Management
    • Create vulnerabilities
    • Update existing vulnerabilities
    • Get vulnerability details
    • Get all vulnerability details
    • List vulnerabilities with pagination support
  • Content Block Management
    • Get all content blocks in current project
    • Update a content block
  • Document Property Management
    • Get all document properties
    • Create or update a document property
  • Robust error handling and input validation
  • Consistent JSON response formatting

Prerequisites

  • Node.js (v14 or higher)
  • npm
  • A Dradis Pro instance
  • Dradis API token

Installation

npm install

Configuration

Environment Variables

Create a .env file in the root directory with the following variables:

DRADIS_URL=<url>
DRADIS_API_TOKEN=<token>
DRADIS_DEFAULT_TEAM_ID=<teamId>
DRADIS_DEFAULT_TEMPLATE_ID=<templateId>
DRADIS_VULNERABILITY_PARAMETERS=<commaSeparatedParams> // Title,Description,Solution,etc.

MCP Config File

To add Dradis MCP to your MCP configuration, add the following to your config file to mcp.json if you're using 5ire:

{
  "servers": [
    {
      "key": "Dradis",
      "command": "npx",
      "description": "A Model Context Protocol server that provides integration with Dradis note-taking platform",
      "args": ["-y", "dradis-mcp"],
      "env": {
        "DRADIS_URL": "<url:string:Your Dradis instance URL>",
        "DRADIS_API_TOKEN": "<token:string:Your Dradis API token>",
        "DRADIS_DEFAULT_TEAM_ID": "<number:string:Default team ID for project creation>",
        "DRADIS_DEFAULT_TEMPLATE_ID": "<number:string:Default template ID for project creation>"
      },
      "isActive": false
    }
  ]
}

Available Tools

Project Management

  • setProject: Set the current Dradis project

    { projectId: number }

  • getProjectDetails: Get details of the current project

    // No parameters required

  • createProject: Create a new Dradis project

    {
  name: string;
  team_id?: number;  // Optional if DRADIS_DEFAULT_TEAM_ID is set
  report_template_properties_id?: number;  // Optional if DRADIS_DEFAULT_TEMPLATE_ID is set
  author_ids?: number[];
  template?: string;  // Optional if DRADIS_DEFAULT_TEMPLATE is set
}

Vulnerability Management

  • createVulnerability: Create a new vulnerability

    {
  text: string; // Content with #[ ]# field syntax
}

  • getVulnerabilities: List vulnerabilities (25 per page)

    {
  page?: number; // Optional page number
}

  • getVulnerability: Get specific vulnerability

    {
  vulnerabilityId: number;
}

  • updateVulnerability: Update existing vulnerability

    {
  issueId: number;
  parameters: {
    text: string;
  }
}

Content Block Management

  • getContentBlocks: Get all content blocks in current project

    // No parameters required

  • updateContentBlock: Update a content block

    {
  blockId: number;
  contentBlock: {
    content: string;
  }
}

Document Property Management

  • getDocumentProperties: Get all document properties

    // No parameters required

  • upsertDocumentProperty: Create or update a document property

    {
  propertyName: string;
  value: string;
}

Development

To run the server in development mode with the CLI:

npm run dev

To inspect the server using MCP Inspector:

npm run inspect

Building

To build the TypeScript code:

npm run build

Running in Production

To run the built server:

npm start

Project Structure

  • /src - Source code
    • api.ts - Dradis API client implementation
    • config.ts - Configuration loading and validation
    • server.ts - MCP server implementation
    • types.ts - TypeScript type definitions
  • /dist - Compiled JavaScript (generated after build)

Error Handling

The MCP provides detailed error messages for:

  • Missing or invalid configuration
  • API request failures
  • Invalid input parameters
  • Missing project ID
  • Network errors

Response Format

All tool responses are formatted as JSON with consistent structure:

  • Success responses include relevant data and optional success messages
  • Error responses include detailed error messages and context
  • List endpoints include pagination metadata when applicable