claude-cybersecurity MCP — Cas d'usage, Installer & Démo en direct

Pourquoi l'utiliser

Fonctionnalités clés

8 parallel specialist agents for different threat surfaces
OWASP 2025, CWE Top 25, MITRE ATT&CK mapping
PCI-DSS and other compliance framework coverage
Business-logic flaw detection (what static tools miss)
AI-generated code patterns flagged (e.g. hallucinated auth)
11+ programming languages, zero dependencies beyond Claude Code

Démo en direct

Aperçu en pratique

claude-cybersecurity-skill.replay ▶ prêt

0/0

Installer

Choisissez votre client

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Ouvrez Claude Desktop → Settings → Developer → Edit Config. Redémarrez après avoir enregistré.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Cursor utilise le même schéma mcpServers que Claude Desktop. La config projet l'emporte sur la globale.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Cliquez sur l'icône MCP Servers dans la barre latérale Cline, puis "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "claude-cybersecurity-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ],
      "_inferred": true
    }
  }
}

Même format que Claude Desktop. Redémarrez Windsurf pour appliquer.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "claude-cybersecurity-skill",
      "command": "git",
      "args": [
        "clone",
        "https://github.com/AgriciDaniel/claude-cybersecurity",
        "~/.claude/skills/claude-cybersecurity"
      ]
    }
  ]
}

Continue utilise un tableau d'objets serveur plutôt qu'une map.

~/.config/zed/settings.json

{
  "context_servers": {
    "claude-cybersecurity-skill": {
      "command": {
        "path": "git",
        "args": [
          "clone",
          "https://github.com/AgriciDaniel/claude-cybersecurity",
          "~/.claude/skills/claude-cybersecurity"
        ]
      }
    }
  }
}

Ajoutez dans context_servers. Zed recharge à chaud à la sauvegarde.

claude mcp add claude-cybersecurity-skill -- git clone https://github.com/AgriciDaniel/claude-cybersecurity ~/.claude/skills/claude-cybersecurity

Une seule ligne. Vérifiez avec claude mcp list. Supprimez avec claude mcp remove.

Cas d'usage

Usages concrets : claude-cybersecurity

Pre-release security review of a new service

👤 Engineering teams before shipping to production ⏱ ~60 min intermediate

Quand l'utiliser : Before a release with a new or heavily changed service.

Prérequis

Skill installed — git clone https://github.com/AgriciDaniel/claude-cybersecurity ~/.claude/skills/claude-cybersecurity

Déroulement

Run the full 8-agent pass

Use claude-cybersecurity on services/payment. Full pass — vulns, authz, secrets, supply chain, IaC, business logic.✓ Copié

→ Report with findings per agent, severity, OWASP/CWE mapping
Triage and route

Group by severity. For each critical/high, draft a GitHub issue with reproduction steps.✓ Copié

→ Issue drafts ready to paste

Résultat : A defensible pre-release sign-off with a paper trail.

Pièges

Treating business-logic flags as false positives automatically — Those are the ones static tools miss — read them twice

Combiner avec : github · repo-forensics-skill

Review AI-generated code for the mistakes LLMs make

👤 Teams accepting lots of PR code from Copilot/Claude/Cursor ⏱ ~45 min intermediate

Quand l'utiliser : Auditing merged or pending PRs that were AI-assisted.

Déroulement

Focus on the AI-code agent

Use claude-cybersecurity — ai-code patterns only. Flag: hallucinated middleware, plausible-but-wrong crypto, trust-all defaults.✓ Copié

→ Pattern-specific flags
Cross-check authz flags

Now run the authorization agent — AI tends to miss role checks on non-happy paths.✓ Copié

→ Authz matrix showing gaps

Résultat : Catch the class of mistakes LLMs make before they ship.

Combiner avec : github

Sweep infrastructure-as-code for dangerous defaults

👤 Platform teams ⏱ ~30 min intermediate

Quand l'utiliser : Before merging Terraform / K8s / CloudFormation changes.

Déroulement

Run IaC agent

Use claude-cybersecurity IaC agent on terraform/ — flag public S3, open security groups, privileged pods.✓ Copié

→ Misconfigs with severity + fix diffs

Résultat : Clean IaC before it hits the cluster.

Scan for malware / C2 / backdoor patterns in dependencies

👤 Security engineers auditing third-party code ⏱ ~30 min intermediate

Quand l'utiliser : New dependency coming in, or suspicious dep update.

Déroulement

Run threat-intel agent

Run claude-cybersecurity threat-intel on node_modules — known malicious patterns.✓ Copié

→ Pattern matches (or clean)

Résultat : Early warning before a malicious package slips in.

Pièges

False positives on obfuscated legitimate libs (e.g. minified SDKs) — Cross-check with published source; don't auto-remove

Combiner avec : repo-forensics-skill

Combinaisons

Associez-le à d'autres MCPs pour un effet X10

claude-cybersecurity-skill + repo-forensics-skill

Layer supply-chain + install-time audits with app-level code review

Run repo-forensics on the dep tree, then claude-cybersecurity on our app code.✓ Copié

claude-cybersecurity-skill + github

Auto-file issues for each high-severity finding

After the review, open a GitHub issue per high finding with CWE + remediation.✓ Copié

Outils

Ce que ce MCP expose

Outil	Entrées	Quand appeler
agent_vulns	code path	Standard review
agent_authz	code path	Multi-role apps
agent_secrets	code path	Always
agent_supply_chain	manifest files	Dep updates
agent_iac	iac dir	Infra PRs
agent_threat_intel	code/deps path	Third-party audits
agent_ai_code	code path	AI-assisted PRs
agent_business_logic	code path, domain hints	High-trust workflows (payments, auth)

Coût et limites

Coût d'exécution

Quota d'API: None
Tokens par appel: High — 8 agents in parallel
Monétaire: Free
Astuce: Scope to the diff of a PR rather than whole repo when you can

Sécurité

Permissions, secrets, portée

Portées minimales : Read on the code under review

Stockage des identifiants : None

Sortie de données : None beyond LLM call — findings stay local

Ne jamais accorder : Write access to the audited repo during review

This is defensive. Do not use agent output as proof of exploitation — these are findings, not confirmed vulns.
Complement, don't replace, established SAST/SCA tools.

Dépannage

Erreurs courantes et correctifs

Too many findings to process

Filter by severity=high,critical first; revisit rest iteratively

Agent mislabels framework conventions as vulns

Provide framework context: 'this is Rails, strong_params is in use'

Alternatives

claude-cybersecurity vs autres

Alternative	Quand l'utiliser	Compromis
repo-forensics	You need install-time / supply-chain vetting, not app code review	Different threat model
GitHub Advanced Security (CodeQL)	You want SAST integrated into the PR workflow	Misses business logic and AI patterns

Plus

Ressources

📖 Lire le README officiel sur GitHub

🐙 Voir les issues ouvertes

🔍 Parcourir les 400+ serveurs MCP et Skills