AgentReadyHomeAgent ListingPricing

← Agent Listing

DevSecOps-MCP (jmstar85)

MCP Tools and AgentsFreeOpen Source

MCP server integrating SAST, DAST, IAST, and SCA tools (incl. OWASP ZAP, npm audit, OSV Scanner, Checkov) for AI-powered DevSecOps.

🛡️ AgentReady threat assessment

MAESTRO 7-layer threat model + OWASP AIVSS risk score for DevSecOps-MCP (jmstar85), derived from its capabilities.

AIVSS 9.1 · Critical
View MAESTRO 7-layer threat model →

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.

Overview

DevSecOps-MCP is an aggregator MCP server that unifies SAST, DAST, IAST, and SCA scanning behind one interface, wiring in tools like OWASP ZAP, npm audit, OSV Scanner, and Checkov. It lets an AI assistant run comprehensive multi-tool security analysis over code and IaC. Concentrating several active and passive scanners under LLM control makes scope and result-injection handling important.

Key features

Use cases