Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 13, 2026·2 min de lecture

MCP ZAP Server — OWASP ZAP for Agents (Safe)

MCP ZAP Server exposes OWASP ZAP through MCP with operator guardrails (auth, policies, scopes) and Docker Compose setup for guided scans and reports.

MCP Hub
MCP Hub · Community
Prêt pour agents

Staging sûr pour cet actif

Cet actif est d'abord staged. Le prompt copié demande à l'agent d'inspecter les fichiers staged avant d'activer scripts, config MCP ou config globale.

Stage only · 17/100Policy : staging
Surface agent
Tout agent MCP/CLI
Type
Mcp Config
Installation
Stage only
Confiance
Confiance : Established
Point d'entrée
Asset
Commande de staging sûr
npx -y tokrepo@latest install e33a3398-1329-5624-9bf8-388c7e11bc56 --target codex

Stage les fichiers d'abord; l'activation exige la revue du README et du plan staged.

Introduction

MCP ZAP Server exposes OWASP ZAP through MCP with operator guardrails (auth, policies, scopes) and Docker Compose setup for guided scans and reports.

Best for: teams who want agentic web scanning with operator-controlled defaults

Works with: Docker + Compose, MCP clients (Cursor example), Open WebUI client (bundled)

Setup time: 10-20 minutes

Key facts (verified)

  • GitHub: 53 stars · 9 forks · pushed 2026-05-13.
  • License: Apache-2.0 · owner avatar + repo URL verified via GitHub API.
  • README-verified entrypoint: ./bin/bootstrap-local.sh.

Main

  • Use the supported local happy path: bootstrap → dev → self-serve doctor (README explains what each script does).

  • Keep the default bind safe: README notes the Compose stack publishes host ports on 127.0.0.1 by default and warns about exposing to 0.0.0.0.

  • For agent clients, configure the MCP endpoint (/mcp) and follow the README Cursor config example path.

Source-backed notes

  • README Quick Start lists ./bin/bootstrap-local.sh, ./dev.sh, and ./bin/self-serve-doctor.sh as the supported local flow.
  • README states the Open WebUI UI is at http://localhost:3000 and the MCP endpoint at http://localhost:7456/mcp.
  • README links a Cursor config example at examples/cursor/mcp.json.

FAQ

  • Is it affiliated with OWASP?: No — README includes a note that it is not endorsed by OWASP/ZAP.
  • Do I need Kubernetes?: No — README says Docker Compose is the easiest install; Helm is for Kubernetes.
  • Where is the MCP endpoint?: README lists http://localhost:7456/mcp for host-side clients.
🙏

Source et remerciements

Source: https://github.com/dtkmn/mcp-zap-server > License: Apache-2.0 > GitHub stars: 53 · forks: 9

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires