Metadata-Version: 2.4
Name: argus-scan
Version: 0.1.0
Summary: Argus — open-source security scanner with many eyes. SAST, DAST, SCA, Secrets, IaC, Terraform, Ansible via CLI and MCP.
Project-URL: Homepage, https://github.com/your-org/argus-mcp
Project-URL: Repository, https://github.com/your-org/argus-mcp
Project-URL: Issues, https://github.com/your-org/argus-mcp/issues
Project-URL: Documentation, https://github.com/your-org/argus-mcp/blob/main/README.md
License: MIT License
        
        Copyright (c) 2026 codetesting-mcp contributors
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
License-File: LICENSE
Keywords: ai,ansible-lint,argus,bandit,code-scanning,dast,devsecops,gitleaks,mcp,owasp-zap,sast,sca,security,semgrep,tfsec,trivy,vulnerability
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Testing
Requires-Python: >=3.10
Requires-Dist: anyio>=4.0.0
Requires-Dist: mcp>=1.0.0
Provides-Extra: all-tools
Requires-Dist: ansible-lint>=6.0.0; extra == 'all-tools'
Requires-Dist: bandit>=1.7.0; extra == 'all-tools'
Requires-Dist: checkov>=3.0.0; extra == 'all-tools'
Requires-Dist: detect-secrets>=1.4.0; extra == 'all-tools'
Requires-Dist: flake8-bandit>=4.0.0; extra == 'all-tools'
Requires-Dist: flake8>=6.0.0; extra == 'all-tools'
Requires-Dist: pip-audit>=2.0.0; extra == 'all-tools'
Requires-Dist: safety>=3.0.0; extra == 'all-tools'
Requires-Dist: semgrep>=1.0.0; extra == 'all-tools'
Provides-Extra: dev
Requires-Dist: mypy>=1.0.0; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
Requires-Dist: pytest-cov>=4.0.0; extra == 'dev'
Requires-Dist: pytest>=7.0.0; extra == 'dev'
Requires-Dist: ruff>=0.1.0; extra == 'dev'
Description-Content-Type: text/markdown

# argus-mcp (Python)

An **MCP server** that gives AI assistants (Claude, Cursor, etc.) the ability to run comprehensive security scans on your codebase.

## What It Does

Exposes the following **MCP tools** for use by any MCP-compatible AI client:

| Tool | Description | Scanners |
|------|-------------|----------|
| `scan_sast` | Static code analysis | Semgrep, Bandit, ESLint-security |
| `scan_dast` | Dynamic web app scanning | OWASP ZAP, Nikto |
| `scan_sca` | Dependency vulnerability scanning | Trivy, Safety, pip-audit, npm audit |
| `scan_secrets` | Leaked secrets & credentials | Gitleaks, detect-secrets, TruffleHog |
| `scan_iac` | IaC misconfiguration scanning | Checkov, Trivy config, Terrascan |
| `scan_container` | Container image scanning | Trivy |
| `scan_all` | Full scan (all of the above) | All tools |
| `check_tools` | Check tool availability | — |

## Installation

```bash
pip install argus-scan
```

Install with all Python-native security tools:

```bash
pip install "argus-scan[all-tools]"
```

## Usage

### Run the MCP Server

```bash
argus-mcp
```

The server communicates via **stdio** (standard MCP transport).

### Configure in Cursor / Claude Desktop

Add to your MCP configuration (`~/.cursor/mcp.json` or `claude_desktop_config.json`):

```json
{
  "mcpServers": {
    "argus": {
      "command": "argus-scan"
    }
  }
}
```

Or with `uvx` (no installation required):

```json
{
  "mcpServers": {
    "argus": {
      "command": "uvx",
      "args": ["argus-scan"]
    }
  }
}
```

## External Tool Dependencies

The MCP server wraps these external tools. Install the ones you need:

### SAST
```bash
pip install semgrep bandit flake8 flake8-bandit   # Python SAST
npm install -g eslint eslint-plugin-security       # JS/TS SAST
```

### DAST
```bash
docker pull ghcr.io/zaproxy/zaproxy:stable         # OWASP ZAP (recommended)
brew install nikto                                  # Nikto
```

### SCA
```bash
# Trivy (cross-platform)
brew install trivy
# OR
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh

pip install safety pip-audit                        # Python SCA
```

### Secret Scanning
```bash
brew install gitleaks trufflehog                   # macOS
pip install detect-secrets                          # cross-platform
```

### IaC
```bash
pip install checkov                                 # Checkov
brew install terrascan                              # Terrascan
```

## Example: Ask Claude to Scan Your Code

Once configured, you can ask:

- *"Scan `/path/to/myproject` for security vulnerabilities"*
- *"Check my Python code for OWASP Top 10 issues using Semgrep"*
- *"Are there any hardcoded secrets in this repository?"*
- *"Scan my Kubernetes manifests for misconfigurations"*
- *"Run a full security audit of my codebase"*

## Development

```bash
git clone https://github.com/your-org/argus-mcp
cd argus-mcp/packages/python
pip install -e ".[dev]"
pytest
```

## License

MIT
