
MCP Snyks is a secure automation layer that integrates Snyk vulnerability scanning into AI-driven workflows and DevOps pipelines. It enables agents to detect, analyze, and remediate security issues across repositories, dependencies, containers, and IaC—bringing continuous security intelligence directly into PR flows and engineering governance.

Created 2/26/2026
Updated about 7 hours ago
Repository documentation and setup instructions

MCP Snyk Server


A Model Context Protocol (MCP) server that provides AI assistants with access to the Snyk security platform. Query vulnerabilities, manage projects, inspect dependencies, and retrieve SBOMs — all through natural language via any MCP-compatible client.

Built with .NET 10, ASP.NET Core, and the official ModelContextProtocol SDK.


Available Tools

| Tool | Description |
|---|---|
| ListOrganizations | List all Snyk organizations accessible by the authenticated user |
| ListProjects | List projects in an organization (filter by target, origin) |
| GetProject | Get detailed information about a specific project |
| DeleteProject | Delete a project (irreversible) |
| ListIssues | List security vulnerabilities (filter by project, severity, status) |
| GetIssue | Get detailed issue info including affected packages |
| ListDependencies | List dependencies with vulnerability counts and license info |
| ListTargets | List targets (repos/images) that are sources of projects |
| ListAuditLogs | Search organization audit logs for security events |
| GetProjectSbom | Get SBOM in CycloneDX or SPDX format |


Quick Start

Prerequisites

1. Get Your Snyk API Token

  1. Log in to Snyk
  2. Go to Account Settings > General > Auth Token
  3. Click Generate or copy your existing token

2. Clone and Configure

git clone https://github.com/viamus/mcp-snyks.git
cd mcp-snyks

# Copy and edit environment file
cp .env.example .env
# Edit .env and set SNYK_API_TOKEN=your-token-here

3. Run the Server

Option A: .NET CLI

cd src/Viamus.Snyks.Mcp.Server
dotnet run

The server starts at http://localhost:5100 by default.

Option B: Docker Compose

docker compose up -d

The server starts at http://localhost:5001.

Option C: Self-Contained Executable

dotnet publish src/Viamus.Snyks.Mcp.Server -c Release -o ./publish
./publish/Viamus.Snyks.Mcp.Server

Client Configuration

Claude Desktop

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "snyk": {
      "url": "http://localhost:5100/sse"
    }
  }
}

Claude Code

claude mcp add snyk --transport sse http://localhost:5100/sse

With Server API Key Protection

If you enable SERVER_REQUIRE_API_KEY=true, clients must send the key in the X-Api-Key header:

{
  "mcpServers": {
    "snyk": {
      "url": "http://localhost:5100/sse",
      "headers": {
        "X-Api-Key": "your-server-api-key"
      }
    }
  }
}
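
One way the X-Api-Key check described above can be enforced in ASP.NET Core, shown as an added example and not the repository's own ApiKeyMiddleware.cs. The type names ExampleServerSecurityOptions and ExampleApiKeyMiddleware are hypothetical; the example fails closed when protection is enabled but no key is configured, and compares keys in constant time.

```csharp
// Added example, not the repository's ApiKeyMiddleware.cs; type names are hypothetical.
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Options;

public sealed class ExampleServerSecurityOptions
{
    public bool RequireApiKey { get; set; }   // corresponds to SERVER_REQUIRE_API_KEY
    public string ApiKey { get; set; } = "";  // corresponds to SERVER_API_KEY
}

public sealed class ExampleApiKeyMiddleware
{
    private readonly RequestDelegate _next;
    private readonly ExampleServerSecurityOptions _options;

    public ExampleApiKeyMiddleware(RequestDelegate next, IOptions<ExampleServerSecurityOptions> options)
    {
        _next = next;
        _options = options.Value;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        if (_options.RequireApiKey && !IsAuthorized(context.Request))
        {
            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
            return; // short-circuit: the MCP endpoint is never reached
        }
        await _next(context);
    }

    private bool IsAuthorized(HttpRequest request)
    {
        // Fail closed: an empty configured key must never match an empty or missing header.
        if (string.IsNullOrEmpty(_options.ApiKey)) return false;
        string presented = request.Headers["X-Api-Key"].ToString();
        // Hash both values so the buffers have equal length, then compare in constant time.
        byte[] expected = SHA256.HashData(Encoding.UTF8.GetBytes(_options.ApiKey));
        byte[] actual = SHA256.HashData(Encoding.UTF8.GetBytes(presented));
        return CryptographicOperations.FixedTimeEquals(expected, actual);
    }
}

// Registration in Program.cs (assumes the "ServerSecurity" section shown in appsettings.json):
// builder.Services.Configure<ExampleServerSecurityOptions>(builder.Configuration.GetSection("ServerSecurity"));
// app.UseMiddleware<ExampleApiKeyMiddleware>();
```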

Usage Examples

Once connected, you can ask your AI assistant things like:

  • "List all my Snyk organizations"
  • "Show me the projects in organization X"
  • "What critical vulnerabilities exist in my org?"
  • "List dependencies with high severity issues"
  • "Get the SBOM for project Y"
  • "Show me the audit logs for the last actions"
  • "What targets do I have from GitHub?"

Configuration

Environment Variables

| Variable | Required | Default | Description |
|---|---|---|---|
| SNYK_API_TOKEN | Yes | — | Your Snyk Personal Access Token (PAT) |
| SNYK_BASE_URL | No | https://api.snyk.io | Snyk API base URL |
| SNYK_API_VERSION | No | 2024-10-15 | Snyk REST API version |
| SERVER_REQUIRE_API_KEY | No | false | Require API key for MCP requests |
| SERVER_API_KEY | No | — | API key for server authentication |

Multi-Region Support

| Region | Base URL |
|---|---|
| US (default) | https://api.snyk.io |
| EU | https://api.eu.snyk.io |
| AU | https://api.au.snyk.io |

Configuration via appsettings.json

{
  "Snyk": {
    "ApiToken": "your-token",
    "BaseUrl": "https://api.snyk.io",
    "ApiVersion": "2024-10-15"
  },
  "ServerSecurity": {
    "ApiKey": "",
    "RequireApiKey": false
  }
}

Project Structure

mcp-snyks/
├── src/
│   └── Viamus.Snyks.Mcp.Server/
│       ├── Configuration/          # Settings classes
│       │   ├── ServerSecuritySettings.cs
│       │   └── SnykSettings.cs
│       ├── Middleware/             # API key auth middleware
│       │   └── ApiKeyMiddleware.cs
│       ├── Models/                # Snyk API response models
│       │   ├── SnykAuditLog.cs
│       │   ├── SnykDependency.cs
│       │   ├── SnykIssue.cs
│       │   ├── SnykOrganization.cs
│       │   ├── SnykProject.cs
│       │   ├── SnykResponses.cs
│       │   └── SnykTarget.cs
│       ├── Services/              # Snyk API client
│       │   ├── ISnykApiClient.cs
│       │   └── SnykApiClient.cs
│       ├── Tools/                 # MCP tool definitions
│       │   ├── AuditLogTools.cs
│       │   ├── DependencyTools.cs
│       │   ├── IssueTools.cs
│       │   ├── OrganizationTools.cs
│       │   ├── ProjectTools.cs
│       │   ├── SbomTools.cs
│       │   └── TargetTools.cs
│       ├── Program.cs
│       ├── Dockerfile
│       └── appsettings.json
├── tests/
│   └── Viamus.Snyks.Mcp.Server.Tests/
├── docker-compose.yml
├── .env.example
└── Solution.slnx

Development

Build

dotnet build Solution.slnx

Test

dotnet test Solution.slnx

Test with Coverage

dotnet test Solution.slnx --collect:"XPlat Code Coverage"

API Reference

This server wraps the Snyk REST API and the Snyk V1 API (for dependencies). Authentication is done via Personal Access Token (PAT) passed as a token in the Authorization header.

Snyk REST API Endpoints Used

  • GET /rest/orgs — List organizations
  • GET /rest/orgs/{org_id}/projects — List projects
  • GET /rest/orgs/{org_id}/projects/{project_id} — Get project
  • DELETE /rest/orgs/{org_id}/projects/{project_id} — Delete project
  • GET /rest/orgs/{org_id}/issues — List issues
  • GET /rest/orgs/{org_id}/issues/{issue_id} — Get issue
  • GET /rest/orgs/{org_id}/targets — List targets
  • GET /rest/orgs/{org_id}/audit_logs/search — Audit logs
  • GET /rest/orgs/{org_id}/projects/{project_id}/sbom — SBOM export

Snyk V1 API Endpoints Used

  • GET /v1/org/{org_id}/dependencies — List dependencies

Troubleshooting

"Snyk API returned 401"

Your API token is invalid or expired. Generate a new PAT from Snyk Account Settings.

"Snyk API returned 403"

Your token doesn't have permission for the requested organization. Verify your org membership.

"Snyk API returned 404"

The organization, project, or issue ID doesn't exist. Verify the IDs using ListOrganizations and ListProjects first.

Connection refused

Make sure the server is running and the port matches your client configuration.


Contributing

See CONTRIBUTING.md for development guidelines.

Security

See SECURITY.md for security policy and vulnerability reporting.

License

This project is licensed under the MIT License.

Quick Setup
Installation guide for this server

Installation Command (package not published)

git clone https://github.com/viamus/mcp-snyks
Manual Installation: Please check the README for detailed setup instructions and any additional dependencies required.

Cursor configuration (mcp.json)

{
  "mcpServers": {
    "viamus-mcp-snyks": {
      "url": "http://localhost:5100/sse"
    }
  }
}