Nuclei

v1.0.0 · Security · stable

An implementation of a Model Context Protocol (MCP) for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engine, allowing for more efficient and targeted template

Tags: ai, intelligent-scanning, nuclei, vulnerability-scanners

Stars: 47 · Downloads: 0 · Weekly: 0

What is Nuclei?

Nuclei is a Model Context Protocol (MCP) server that gives AI assistants like Claude, Cursor, and VS Code an implementation of MCP for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engine, al...

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Use Cases

Vulnerability scanning with context
Intelligent security template execution

Maintainer: tobiasGuta
License: MIT
Language: Go
Version: v1.0.0
Updated: Apr 27, 2026
Status: healthy
Maintenance: active

Works with

Claude, OpenAI, Windows, macOS, Linux

Installation

NPM

npx -y nuclei

Manual Installation

npx -y nuclei

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time: < 200ms
Throughput: Medium

Resource Usage

Memory Usage: Low
CPU Usage: Low

How to Set Up and Use Nuclei

The nuclei-mcp server wraps ProjectDiscovery's Nuclei vulnerability scanner in an MCP interface, enabling AI assistants to perform context-aware security scanning against targets loaded from HackerOne scope files. It provides three tools: one for running Nuclei scans with severity and rate-limit controls, one for checking whether a target is in scope before scanning, and one for listing all programs with their bounty eligibility status. The server runs inside Docker to ensure the Nuclei binary and dependencies are consistently available, making it ideal for bug bounty hunters and security researchers who want AI-assisted vulnerability discovery.

Prerequisites

  • Docker installed and running on your machine
  • Nuclei scan templates (the Docker image includes them, or mount your own)
  • HackerOne scope JSON snapshot files (optional but required for scope checking and program listing tools)
  • An MCP client such as Claude Desktop

1. Clone the repository

Download the nuclei-mcp server source code from GitHub.

git clone https://github.com/tobiasGuta/nuclei-mcp.git
cd nuclei-mcp

2. Build the Docker image

Build the Docker image that bundles Nuclei and the MCP server together.

docker build -t nuclei-mcp .

3. Prepare your scope snapshot directory

If you have HackerOne scope JSON files, place them in a directory on your host. This directory will be mounted into the container as SNAPSHOTS_DIR. The server uses these files for scope validation and program listing.

4. Configure Claude Desktop

Add the nuclei-mcp server to your claude_desktop_config.json, mounting your snapshots directory and setting environment variables for the container.

{
  "mcpServers": {
    "nuclei-mcp": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/path/to/snapshots:/data/snapshots",
        "-e", "SNAPSHOTS_DIR=/data/snapshots",
        "nuclei-mcp"
      ]
    }
  }
}

5. Restart Claude Desktop and run a test scan

Quit and relaunch Claude Desktop. Ask Claude to check scope for a domain or run a Nuclei scan to verify everything is working.

Nuclei Examples

Client configuration

Claude Desktop configuration using Docker with a mounted snapshots directory for scope management.

{
  "mcpServers": {
    "nuclei-mcp": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-v", "/Users/you/h1-snapshots:/data/snapshots",
        "-e", "SNAPSHOTS_DIR=/data/snapshots",
        "-e", "SCAN_TIMEOUT_SECONDS=300",
        "nuclei-mcp"
      ]
    }
  }
}

Prompts to try

Example prompts using the nuclei_scan, check_scope, and list_programs tools.

- "Is api.example.com in scope for any bug bounty program?"
- "Run a Nuclei scan on target.example.com for critical and high severity findings"
- "List all programs with their bounty eligibility status"
- "Scan api.target.com using only CVE templates with a rate limit of 50 requests per second"
- "Check if subdomain.corp.example.com is bounty eligible"

Troubleshooting Nuclei

Docker container exits immediately without output

Ensure the Docker image was built successfully with `docker build -t nuclei-mcp .` and that no build errors occurred. Run `docker run -it nuclei-mcp /bin/sh` to enter the container interactively and check if the Nuclei binary is present at the NUCLEI_BIN path.

Scope check returns 'no programs found' even with snapshot files

Verify the volume mount path is correct: the local path before the colon must be an absolute path to your snapshots directory and must actually contain JSON files. Check with `ls /path/to/snapshots` on your host. The SNAPSHOTS_DIR env var inside the container must match the mount destination.
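
A preflight check for the mount problems described above, as an added example that is not part of the nuclei-mcp project: it reads the `args` array from the Claude Desktop config shown on this page and reports a relative host path, a missing directory, a mount destination that does not match SNAPSHOTS_DIR, or snapshot files that are not valid JSON. The names `check_mcp_mount` and `make_config` and the sample paths are assumptions, and only POSIX-style `host:container` mounts are handled.

```python
import json
import os
import tempfile


def check_mcp_mount(config, server="nuclei-mcp"):
    """Return a list of problems with the snapshots mount (empty list = OK)."""
    args = config["mcpServers"][server]["args"]
    mounts, env = [], {}
    for flag, value in zip(args, args[1:]):  # walk "-v X" and "-e K=V" pairs
        if flag == "-v":
            mounts.append(value.split(":"))
        elif flag == "-e" and "=" in value:
            key, _, val = value.partition("=")
            env[key] = val

    dest = env.get("SNAPSHOTS_DIR")
    if dest is None:
        return ["SNAPSHOTS_DIR is not set with -e"]
    # The env var must name the container side of one of the -v mounts.
    hosts = [m[0] for m in mounts
             if len(m) >= 2 and m[1].rstrip("/") == dest.rstrip("/")]
    if not hosts:
        return [f"no -v mount has destination {dest}"]

    host, problems = hosts[0], []
    if not os.path.isabs(host):
        problems.append(f"host path {host!r} is not absolute")
    if not os.path.isdir(host):
        return problems + [f"host path {host!r} is not a directory"]
    names = sorted(n for n in os.listdir(host) if n.endswith(".json"))
    if not names:
        problems.append(f"{host!r} contains no .json files")
    for name in names:
        try:
            with open(os.path.join(host, name), encoding="utf-8") as fh:
                json.load(fh)
        except ValueError:  # covers JSONDecodeError and UnicodeDecodeError
            problems.append(f"{name} is not valid JSON")
    return problems


def make_config(host_dir, env_dir="/data/snapshots"):
    """Build the page's config shape with constructed paths, for the demo."""
    return {"mcpServers": {"nuclei-mcp": {"command": "docker", "args": [
        "run", "-i", "--rm", "-v", f"{host_dir}:/data/snapshots",
        "-e", f"SNAPSHOTS_DIR={env_dir}", "nuclei-mcp"]}}}


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed sample directory
        print(check_mcp_mount(make_config(d)))  # empty dir: reports no .json
```

To check a real setup, load claude_desktop_config.json with `json.load` and pass the resulting dict to `check_mcp_mount` on the host before restarting the client.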

Scans time out before completing

Increase SCAN_TIMEOUT_SECONDS in the Docker run args (default is 300 seconds). For large scans, also reduce the rate_limit parameter when calling nuclei_scan to avoid overloading the target, which can cause connections to drop and extend scan time.

Frequently Asked Questions about Nuclei

What is Nuclei?

Nuclei is a Model Context Protocol (MCP) server: an implementation of MCP for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engine, allowing for more efficient and targeted template... It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Nuclei?

Install via npm with the command: npx -y nuclei. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).

Which AI clients work with Nuclei?

Nuclei works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Nuclei free to use?

Yes, Nuclei is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Nuclei Alternatives — Similar Security Servers

Looking for alternatives to Nuclei? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

A Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u


Quick Config Preview

{ "mcpServers": { "nuclei": { "command": "npx", "args": ["-y", "nuclei"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json
