Hugging Face's logo

Spaces:
Agents-MCP-Hackathon
/
security_mcp_tools
Running

App Files Community
security_mcp_tools
File size: 2,598 Bytes 
4d3c8f5
 
9b03866
4d3c8f5
 
 
374d563
4d3c8f5
 
 
9b03866
374d563
 
 
 
 
4d3c8f5
 
 
9b03866
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
---
title: Security Mcp Tools
emoji: 🛡️
colorFrom: gray
colorTo: pink
sdk: gradio
sdk_version: 5.33.1
app_file: app.py
pinned: false
license: mit
tags:
- mcp-server-track
- bandit
- security-scanner
- code-analysis
- modal
short_description: on-demand security analysis for Python code
---

## Bandit Security Scanner (via Modal MCP)

This Gradio application provides an interface to scan Python code for common security vulnerabilities using **Bandit**. The analysis is performed by a Bandit tool running on a [Modal Labs](https://modal.com) Multi-Compute-Platform (MCP) server.

### How to Use

1.  **Input Parameters**:
    *   The input field expects a JSON object.
    *   This JSON object **must** contain a key named `"code"` whose value is the Python code string you want to analyze.
    *   An example is pre-filled for convenience:
        ```json
        {
          "code": "import subprocess\n\n# Example of a potential security risk with subprocess\nsubprocess.call(\"ls -l\", shell=True)"
        }
        ```

2.  **Submit**: Click the "Submit" button.

3.  **Output**:
    *   The application will send the code to the Bandit tool on the Modal MCP server.
    *   The results of the Bandit analysis will be displayed as a JSON object in the output field. This JSON will typically include:
        *   `tool`: "bandit"
        *   `issues`: A list of security issues found, with details like issue text, severity, confidence, line number, and test ID.
        *   `files_analyzed`: Number of files analyzed (usually 1 for the provided code snippet).
        *   Any errors encountered during the process or stderr output from Bandit.

### Configuration

For this application to function correctly, the `MODAL_MCP_ENDPOINT` environment variable must be set. This variable should point to your deployed Modal function that handles MCP tool execution (e.g., the `/execute_tool` endpoint).

*   Create a `.env` file in the `mcp_deploy` directory (or the root of your Space if deploying to Hugging Face Spaces and it's not automatically picked up from this directory).
*   Add the following line to the `.env` file, replacing the placeholder with your actual Modal endpoint URL:
    ```
    MODAL_MCP_ENDPOINT="https://your-username--mcp-server-app-execute-tool.modal.run"
    ```

If the `MODAL_MCP_ENDPOINT` is not set or is incorrect, the application will display an error message upon submission.

### Note
This application is specifically configured to use the "bandit" tool on the MCP server.

### Future works
Add more security tools and expose them through this mcp server.