AgentHubAgentHub

DefectDojo

MCP ServerMCP Registry官方收录

io.github.inspicere/mcp-defectdojo · v3.3.2

MCP server for DefectDojo: 24 tools with RBAC, HMAC audit chain, and SIEM forwarding

源仓库

概览

DefectDojo 是一个MCP Server,收录自 官方 MCP Registry。支持 stdio 传输。本页提供 Cursor、Claude Code 等客户端的安装配置片段。

安装

选择你的平台查看安装方式

{
  "mcpServers": {
    "mcp-defectdojo": {
      "command": "uvx",
      "args": [
        "mcp-defectdojo"
      ],
      "env": {
        "DEFECTDOJO_URL": "<DEFECTDOJO_URL>",
        "DEFECTDOJO_API_KEY": "<DEFECTDOJO_API_KEY>"
      }
    }
  }
}

环境变量

DEFECTDOJO_URL必填

Base URL of the DefectDojo instance (must use https:// unless ALLOW_INSECURE_HTTP=true)

DEFECTDOJO_API_KEY必填secret

API key for DefectDojo (generate at DefectDojo > API v2 > Your API Key). Use DEFECTDOJO_READ_API_KEY + DEFECTDOJO_WRITE_API_KEY for least-privilege dual-key mode.

DEFECTDOJO_READ_API_KEY可选secret

Optional read-only API key (used for GET requests in dual-key mode)

DEFECTDOJO_WRITE_API_KEY可选secret

Optional write API key (used for POST/PATCH in dual-key mode)

MCP_AUTH_TOKEN可选secret

Bearer token granting admin-role access (legacy single-token mode — prefer MCP_ROLE_<NAME>=<token>:<role> for RBAC)

AUDIT_HMAC_KEY可选secret

HMAC key for audit log integrity chain. Required for cross-restart log verification on network transports. Generate with: python3 -c 'import secrets; print(secrets.token_hex(32))'

相关资源

统一 Manifest

{
  "id": "io.github.inspicere/mcp-defectdojo",
  "type": "mcp-server",
  "version": "3.3.2",
  "displayName": "DefectDojo",
  "description": "MCP server for DefectDojo: 24 tools with RBAC, HMAC audit chain, and SIEM forwarding",
  "repository": {
    "url": "https://github.com/inspicere/mcp-defectdojo",
    "source": "github"
  },
  "distribution": {
    "packages": [
      {
        "registryType": "pypi",
        "identifier": "mcp-defectdojo",
        "version": "3.3.2",
        "runtimeHint": "uvx",
        "transport": "stdio",
        "environmentVariables": [
          {
            "name": "DEFECTDOJO_URL",
            "description": "Base URL of the DefectDojo instance (must use https:// unless ALLOW_INSECURE_HTTP=true)",
            "isRequired": true
          },
          {
            "name": "DEFECTDOJO_API_KEY",
            "description": "API key for DefectDojo (generate at DefectDojo > API v2 > Your API Key). Use DEFECTDOJO_READ_API_KEY + DEFECTDOJO_WRITE_API_KEY for least-privilege dual-key mode.",
            "isRequired": true,
            "isSecret": true
          },
          {
            "name": "DEFECTDOJO_READ_API_KEY",
            "description": "Optional read-only API key (used for GET requests in dual-key mode)",
            "isSecret": true
          },
          {
            "name": "DEFECTDOJO_WRITE_API_KEY",
            "description": "Optional write API key (used for POST/PATCH in dual-key mode)",
            "isSecret": true
          },
          {
            "name": "MCP_AUTH_TOKEN",
            "description": "Bearer token granting admin-role access (legacy single-token mode — prefer MCP_ROLE_<NAME>=<token>:<role> for RBAC)",
            "isSecret": true
          },
          {
            "name": "AUDIT_HMAC_KEY",
            "description": "HMAC key for audit log integrity chain. Required for cross-restart log verification on network transports. Generate with: python3 -c 'import secrets; print(secrets.token_hex(32))'",
            "isSecret": true
          }
        ]
      }
    ],
    "remotes": []
  },
  "dependencies": [],
  "installTargets": [
    "claude-code",
    "claude-desktop",
    "cursor",
    "vscode"
  ],
  "keywords": [],
  "provenance": {
    "origin": "official-mcp-registry",
    "originalId": "io.github.inspicere/mcp-defectdojo",
    "originalUrl": "https://registry.modelcontextprotocol.io/v0.1/servers/io.github.inspicere%2Fmcp-defectdojo/versions/latest",
    "isOfficial": true,
    "status": "active"
  }
}
DefectDojo — MCP Server 安装与配置 · AgentHub