Stdio Protocol
A Model Context Protocol server that provides CVE checking capabilities via the Opsify API. This server enables LLMs to search for and retrieve CVE (Common Vulnerabilities and Exposures) information using a flexible set of filters.
Warning
This server can access external APIs and may represent a security risk if misconfigured. Ensure your API key and usage comply with your organization’s security policies.
Available Tools
search_cve- Search CVEs with various filters via the Opsify API.cve_id(string, optional): CVE ID to search fortitle(string, optional): Title to search in CVE descriptionstate(string, optional): State to filter bypriority(string, optional): Priority level to filter byseverity(string, optional): Severity level to filter byscore(float, optional): CVSS score to filter byproduct_name(string, optional): Product name to filter affected productsproduct_version(string, optional): Product version to filter affected productsvendor(string, optional): Vendor name to filter affected productsfrom_date(string, optional): Start date for filtering (YYYY-MM-DD or ISO 8601)to_date(string, optional): End date for filtering (YYYY-MM-DD or ISO 8601)skip(int, optional): Number of records to skip (pagination)limit(int, optional): Maximum number of records to return (pagination)
search_release- Search releases with optional filters for vendor, product name, and date range. Supports pagination.vendor(string, optional): Vendor name to filter by (case-insensitive)product_name(string, optional): Product name to filter by (case-insensitive)from_date(string, optional): Start date (inclusive) for filtering (YYYY-MM-DD or ISO datetime)to_date(string, optional): End date (inclusive) for filtering (YYYY-MM-DD or ISO datetime)date_field(string, optional): Which date field to filter on (e.g., “release_date”)page(int, optional): Page number (starting from 1)page_size(int, optional): Number of items per page
get_version_cves- Get CVEs for a specific version of a product. Optionally filter by vendor. Uses caching (TTL: 1 day).product_name(string, required): Product name (e.g., ‘nginx’)version(string, required): Specific version to retrieve CVEs for (e.g., ‘1.0.0’)vendor(string, optional): Vendor name to filter by (case-insensitive)
Usage
python -m check_mcp
Or as a script/entry point:
check-mcp
Example Tool Call
{
"tool": "search_cve",
"arguments": {
"product_name": "nginx",
"severity": "high",
"from_date": "2023-01-01",
"limit": 5
}
}
Installation
Using uv (recommended)
When using uv no specific installation is needed. We will use uvx to directly run check-mcp.
Using pip
Alternatively you can install check-mcp via pip:
pip install check-mcp
After installation, you can run it as a script using:
python -m check_mcp
Configuration
Configure for Claude.app
Add to your Claude settings:
"mcpServers": {
"check": {
"command": "uvx",
"args": ["check-mcp"]
}
}
"mcpServers": {
"check": {
"command": "docker",
"args": ["run", "-i", "--rm", "mcp/check"]
}
}
"mcpServers": {
"check": {
"command": "python",
"args": ["-m", "check_mcp"]
}
}
Configure for VS Code
For quick installation, use one of the one-click install buttons below:
For manual installation, add the following JSON block to your User Settings (JSON) file in VS Code. You can do this by pressing Ctrl + Shift + P and typing Preferences: Open User Settings (JSON).
Optionally, you can add it to a file called .vscode/mcp.json in your workspace. This will allow you to share the configuration with others.
Note
The mcp key is needed when using the mcp.json file.
{
"mcp": {
"servers": {
"check": {
"command": "uvx",
"args": ["check-mcp"]
}
}
}
}
{
"mcp": {
"servers": {
"check": {
"command": "docker",
"args": ["run", "-i", "--rm", "mcp/check"]
}
}
}
}
Debugging
You can use the MCP inspector to debug the server. For uvx installations:
npx @modelcontextprotocol/inspector uvx check-mcp
Or if you’ve installed the package in a specific directory or are developing on it:
cd path/to/servers/src/check
npx @modelcontextprotocol/inspector uv run check-mcp