Summary
Connects Claude or Cursor to middleBrick's API security scanner through three tools: scan_api to check endpoints for vulnerabilities, get_scan to retrieve results, and list_scans to browse scan history. You pass in a URL and optional HTTP method, and it runs checks against OWASP Top 10, LLM-specific risks, and GraphQL vulnerabilities. Requires a middleBrick API key from their dashboard. Useful when you're reviewing API security during development or want to catch common vulnerabilities without leaving your editor. Scans run asynchronously, so you initiate one and poll for results.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
@middlebrick/mcp-server
MCP server for middleBrick API security scanning. Lets AI assistants (Claude, Cursor, etc.) scan APIs for vulnerabilities via tool calls.
Setup
Claude Desktop
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"middlebrick": {
"command": "npx",
"args": ["-y", "@middlebrick/mcp-server"],
"env": {
"MIDDLEBRICK_API_KEY": "mb_your_key_here"
}
}
}
}
Cursor
Add to .cursor/mcp.json:
{
"mcpServers": {
"middlebrick": {
"command": "npx",
"args": ["-y", "@middlebrick/mcp-server"],
"env": {
"MIDDLEBRICK_API_KEY": "mb_your_key_here"
}
}
}
}
Get your API key at: middlebrick.com/dashboard
Tools
| Tool | Description |
|---|---|
scan_api | Scan an API endpoint for security vulnerabilities |
get_scan | Get results of a previous scan |
list_scans | List previous scans |
scan_api
| Parameter | Type | Required | Description |
|---|---|---|---|
url | string | Yes | API endpoint URL |
method | string | No | HTTP method (default: GET) |
get_scan
| Parameter | Type | Required | Description |
|---|---|---|---|
scanId | string | Yes | Scan ID to retrieve |
list_scans
| Parameter | Type | Required | Description |
|---|---|---|---|
limit | number | No | Max results |
offset | number | No | Skip count |
status | string | No | Filter: queued, processing, completed, failed |
Environment Variables
| Variable | Required | Description |
|---|---|---|
MIDDLEBRICK_API_KEY | Yes | API key |
MIDDLEBRICK_BASE_URL | No | API URL override |
License
Apache 2.0 — middleBrick
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Configuration
MIDDLEBRICK_API_KEY*secretYour middleBrick API key (get one at middlebrick.com)
Categories
Registryactive
Package@middlebrick/mcp-server
TransportSTDIO
AuthRequired
UpdatedApr 3, 2026
