Nuclei
An implementation of a Model Context Protocol (MCP) for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engine, allowing for more efficient and targeted template
What is Nuclei?
Nuclei is a Model Context Protocol (MCP) server that connects AI assistants like Claude, Cursor, and VS Code to the Nuclei scanner.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- An implementation of a Model Context Protocol (MCP) for the
Installation
NPM
npx -y nuclei
Manual Installation
npx -y nuclei
Configuration
Configuration Details
claude_desktop_config.json
How to Set Up and Use Nuclei
The nuclei-mcp server wraps ProjectDiscovery's Nuclei vulnerability scanner in an MCP interface, enabling AI assistants to perform context-aware security scanning against targets loaded from HackerOne scope files. It provides three tools for running Nuclei scans with severity and rate-limit controls, checking whether a target is in-scope before scanning, and listing all programs with their bounty eligibility status. The server runs inside Docker to ensure the Nuclei binary and dependencies are consistently available, making it ideal for bug bounty hunters and security researchers who want AI-assisted vulnerability discovery.
Prerequisites
- Docker installed and running on your machine
- Nuclei scan templates (the Docker image includes them, or mount your own)
- HackerOne scope JSON snapshot files (optional but required for scope checking and program listing tools)
- An MCP client such as Claude Desktop
Clone the repository
Download the nuclei-mcp server source code from GitHub.
git clone https://github.com/tobiasGuta/nuclei-mcp.git
cd nuclei-mcp
Build the Docker image
Build the Docker image that bundles Nuclei and the MCP server together.
docker build -t nuclei-mcp .
Prepare your scope snapshot directory
If you have HackerOne scope JSON files, place them in a directory on your host. This directory will be mounted into the container as SNAPSHOTS_DIR. The server uses these files for scope validation and program listing.
Configure Claude Desktop
Add the nuclei-mcp server to your claude_desktop_config.json, mounting your snapshots directory and setting environment variables for the container.
{
  "mcpServers": {
    "nuclei-mcp": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/path/to/snapshots:/data/snapshots",
        "-e", "SNAPSHOTS_DIR=/data/snapshots",
        "nuclei-mcp"
      ]
    }
  }
}
Restart Claude Desktop and run a test scan
Quit and relaunch Claude Desktop. Ask Claude to check scope for a domain or run a Nuclei scan to verify everything is working.
Nuclei Examples
Client configuration
Claude Desktop configuration using Docker with a mounted snapshots directory for scope management.
{
  "mcpServers": {
    "nuclei-mcp": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/Users/you/h1-snapshots:/data/snapshots",
        "-e", "SNAPSHOTS_DIR=/data/snapshots",
        "-e", "SCAN_TIMEOUT_SECONDS=300",
        "nuclei-mcp"
      ]
    }
  }
}
Prompts to try
Example prompts using the nuclei_scan, check_scope, and list_programs tools.
- "Is api.example.com in scope for any bug bounty program?"
- "Run a Nuclei scan on target.example.com for critical and high severity findings"
- "List all programs with their bounty eligibility status"
- "Scan api.target.com using only CVE templates with a rate limit of 50 requests per second"
- "Check if subdomain.corp.example.com is bounty eligible"
Troubleshooting Nuclei
Docker container exits immediately without output
Ensure the Docker image was built successfully with `docker build -t nuclei-mcp .` and that no build errors occurred. Run `docker run -it nuclei-mcp /bin/sh` to enter the container interactively and check if the Nuclei binary is present at the NUCLEI_BIN path.
Scope check returns 'no programs found' even with snapshot files
Verify the volume mount path is correct: the local path before the colon must be an absolute path to your snapshots directory and must actually contain JSON files. Check with `ls /path/to/snapshots` on your host. The SNAPSHOTS_DIR env var inside the container must match the mount destination.
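The mount checks described above can be run against the client config before starting Claude Desktop. This is an added example, not code from the nuclei-mcp project; the function name `check_snapshot_mount` is hypothetical, and it assumes POSIX-style `host:container` volume specs and that snapshot files sit at the top level of the mounted directory.

```python
import tempfile
from pathlib import Path


def _flag_values(args, flag):
    """Return every value that follows `flag` in a docker-run argument list."""
    return [args[i + 1] for i, a in enumerate(args[:-1]) if a == flag]


def check_snapshot_mount(config, server="nuclei-mcp"):
    """Return a list of problems with the snapshots mount; empty means consistent."""
    entry = config.get("mcpServers", {}).get(server)
    if entry is None:
        return [f"no mcpServers entry named {server!r}"]
    args = entry.get("args", [])
    env = dict(v.split("=", 1) for v in _flag_values(args, "-e") if "=" in v)
    snap_dir = env.get("SNAPSHOTS_DIR")
    if not snap_dir:
        return ["SNAPSHOTS_DIR is not set with -e"]
    # Assumption: POSIX-style "host:container[:opts]" volume specs.
    mounts = [v.split(":") for v in _flag_values(args, "-v")]
    hosts = [m[0] for m in mounts
             if len(m) >= 2 and m[1].rstrip("/") == snap_dir.rstrip("/")]
    if not hosts:
        return [f"no -v mount targets SNAPSHOTS_DIR ({snap_dir})"]
    problems = []
    host = Path(hosts[0])
    if not host.is_absolute():
        problems.append(f"host path {host} is not absolute")
    elif not host.is_dir():
        problems.append(f"host path {host} does not exist or is not a directory")
    elif not any(host.glob("*.json")):
        # Assumption: snapshot files are *.json at the top level of the directory.
        problems.append(f"host path {host} contains no .json snapshot files")
    return problems


if __name__ == "__main__":
    # Constructed sample: a temp directory stands in for the host snapshots dir.
    with tempfile.TemporaryDirectory() as d:
        Path(d, "program.json").write_text("{}")
        cfg = {"mcpServers": {"nuclei-mcp": {"command": "docker", "args": [
            "run", "-i", "--rm", "-v", f"{d}:/data/snapshots",
            "-e", "SNAPSHOTS_DIR=/data/snapshots", "nuclei-mcp"]}}}
        print(check_snapshot_mount(cfg) or "snapshot mount looks consistent")
```

To check a real setup, load `claude_desktop_config.json` with `json.load` and pass the resulting dict to the function.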
Scans time out before completing
Increase SCAN_TIMEOUT_SECONDS in the Docker run args (default is 300 seconds). For large scans, also reduce the rate_limit parameter when calling nuclei_scan to avoid overloading the target, which can cause connections to drop and extend scan time.
Frequently Asked Questions about Nuclei
What is Nuclei?
Nuclei is a Model Context Protocol (MCP) server for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engine, allowing for more efficient and targeted template... It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Nuclei?
Install via npm with the command: npx -y nuclei. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).
Which AI clients work with Nuclei?
Nuclei works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Nuclei free to use?
Yes, Nuclei is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Nuclei Alternatives — Similar Security Servers
Looking for alternatives to Nuclei? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6k An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0k A Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9k HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7k Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k 754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k 🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u