Nuclei
Fast, YAML-templated vulnerability scanner for apps, APIs, networks, DNS, and cloud, wrappable as an MCP tool for agents.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Nuclei, derived from its capabilities.
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
Nuclei is ProjectDiscovery's community-powered vulnerability scanner driven by a simple YAML DSL supporting HTTP, TCP, DNS, SSL, WHOIS, JavaScript, and code protocols. Community MCP wrappers expose scanning, template management, and result retrieval so AI agents and LLMs can run and interpret Nuclei scans programmatically. Giving an agent an active scanner is powerful but carries misuse, scope, and result-injection risks.
Key features
- YAML-DSL templated scanning
- Multi-protocol (HTTP/TCP/DNS/SSL/JS/code)
- Huge community template library
Use cases
- Automated vulnerability scanning in CI/CD
- Agent-driven scanning against known-CVE templates