A Model Context Protocol (MCP) server for integrating with StackHawk's security scanning platform. Provides security analytics, YAML configuration management, sensitive data/threat surface analysis, and anti-hallucination tools for LLMs.
18 Tools
Version 4.43 or later needs to be installed to add the server automatically
Tools
| Name | Description |
|---|---|
| analyze_sensitive_data_trends | Analyze sensitive data trends and changes over time for an organization. Provides time-based, asset-level trend analysis by application and repository. Use this to answer questions like 'How is sensitive data risk changing over time?' or 'Which apps are trending up or down in exposure?'. For a current grouped snapshot, use get_sensitive_data_report instead. |
| create_stackhawk_config | Create a StackHawk configuration file |
| generate_security_dashboard | Generate a security dashboard for an organization |
| generate_sensitive_data_summary | Generate a sensitive data summary for an organization |
| get_app_findings_for_triage | Get triage-worthy findings for a project or application at or above the configured failureThreshold (or High/Medium if not set). Accepts app_id, config_path, or config_content. |
| get_critical_sensitive_data | Get critical sensitive data findings for an organization |
| get_organization_info | Get information about a StackHawk organization |
| get_sensitive_data | Get sensitive data findings for a specific application or repository. Use this for asset-level triage and remediation. |
| get_sensitive_data_report | Get a grouped and summarized sensitive data report for an entire organization (current snapshot). Use this for org-wide analytics, compliance, and reporting. For trends or changes over time, use analyze_sensitive_data_trends. |
| get_stackhawk_scan_instructions | Get instructions for running StackHawk scans |
| get_stackhawk_schema | Get the StackHawk YAML schema |
| list_applications | List applications in a StackHawk organization |
| map_sensitive_data_surface | Map sensitive data exposure for an organization |
| run_stackhawk_scan | Run a StackHawk scan using the CLI and stream results back to the chat. Optionally specify a config path (default: stackhawk.yml). |
| search_vulnerabilities | Search for vulnerabilities in a StackHawk organization |
| setup_stackhawk_for_project | Set up StackHawk for a new project |
| validate_field_exists | Validate that a field path exists in the StackHawk schema |
| validate_stackhawk_config | Validate a StackHawk YAML configuration file |
Manual installation
You can install the MCP server using: