security_mcp_tools / README.md
title: Security Mcp Tools
emoji: 🛡️
colorFrom: gray
colorTo: pink
sdk: gradio
sdk_version: 5.33.1
app_file: app.py
pinned: false
license: mit
tags:
  - mcp-server-track
  - bandit
  - security-scanner
  - code-analysis
  - modal
short_description: on-demand security analysis for Python code

Bandit Security Scanner (via Modal MCP)

This Gradio application provides an interface to scan Python code for common security vulnerabilities using Bandit. The analysis is performed by a Bandit tool running on a Modal Labs Multi-Compute-Platform (MCP) server.

How to Use

  1. Input Parameters:

    • The input field expects a JSON object.
    • This JSON object must contain a key named "code" whose value is the Python code string you want to analyze.
    • An example is pre-filled for convenience:
      {
        "code": "import subprocess\n\n# Example of a potential security risk with subprocess\nsubprocess.call(\"ls -l\", shell=True)"
      }
      
  2. Submit: Click the "Submit" button.

  3. Output:

    • The application will send the code to the Bandit tool on the Modal MCP server.
    • The results of the Bandit analysis will be displayed as a JSON object in the output field. This JSON will typically include:
      • tool: "bandit"
      • issues: A list of security issues found, with details like issue text, severity, confidence, line number, and test ID.
      • files_analyzed: Number of files analyzed (usually 1 for the provided code snippet).
      • Any errors encountered during the process or stderr output from Bandit.
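A sketch of how a caller could build the input object and gate on the returned JSON. This is an added example, not code from this Space. It assumes each issue uses Bandit's native JSON report keys (issue_severity, line_number, test_id) and that failures arrive under a hypothetical "error" key; the sample responses are constructed.

```python
import json

SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}


def build_request(source: str) -> str:
    """Serialize Python source into the {"code": ...} object the input field expects."""
    # json.dumps escapes quotes and newlines, so the source is never hand-escaped.
    return json.dumps({"code": source})


def triage(result: dict, min_severity: str = "MEDIUM") -> dict:
    """Fail closed on scan errors, otherwise keep issues at or above min_severity."""
    # Assumed key name "error": the README only says errors or stderr may be included.
    if result.get("error") or result.get("tool") != "bandit":
        return {"status": "error", "blocking": []}
    if result.get("files_analyzed", 0) < 1:
        # Nothing was analyzed, so an empty issue list must not be read as clean.
        return {"status": "error", "blocking": []}
    floor = SEVERITY_RANK[min_severity]
    blocking = [
        (i.get("test_id"), i.get("line_number"), i.get("issue_severity"))
        for i in result.get("issues", [])
        # Unknown severity strings rank as HIGH so they are never silently dropped.
        if SEVERITY_RANK.get(str(i.get("issue_severity", "")).upper(), 3) >= floor
    ]
    blocking.sort(key=lambda item: item[1] or 0)
    return {"status": "fail" if blocking else "pass", "blocking": blocking}


# Constructed sample responses (not real scanner output).
SAMPLE = {
    "tool": "bandit",
    "files_analyzed": 1,
    "issues": [
        {"test_id": "B602", "issue_severity": "HIGH", "issue_confidence": "HIGH",
         "line_number": 4, "issue_text": "subprocess call with shell=True identified"},
        {"test_id": "B404", "issue_severity": "LOW", "issue_confidence": "HIGH",
         "line_number": 1, "issue_text": "Consider implications of subprocess module"},
    ],
}
FAILED_SCAN = {"tool": "bandit", "issues": [], "files_analyzed": 0,
               "error": "bandit exited with code 2"}

if __name__ == "__main__":
    print(build_request('import subprocess\nsubprocess.call("ls -l", shell=True)'))
    print(triage(SAMPLE))
    print(triage(FAILED_SCAN))
```

The gate returns "error" rather than "pass" when the scan itself failed, so a broken endpoint cannot be mistaken for clean code.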

Configuration

For this application to function correctly, the MODAL_MCP_ENDPOINT environment variable must be set. This variable should point to your deployed Modal function that handles MCP tool execution (e.g., the /execute_tool endpoint).

  • Create a .env file in the mcp_deploy directory (or the root of your Space if deploying to Hugging Face Spaces and it's not automatically picked up from this directory).
  • Add the following line to the .env file, replacing the placeholder with your actual Modal endpoint URL:
    MODAL_MCP_ENDPOINT="https://your-username--mcp-server-app-execute-tool.modal.run"
    

If the MODAL_MCP_ENDPOINT is not set or is incorrect, the application will display an error message upon submission.

Note

This application is specifically configured to use the "bandit" tool on the MCP server.

Future work

Add more security tools and expose them through this MCP server.