Skip to content

shyshlakov/pci-dss-mcp

MCP Security & Auth

Static analysis MCP server that scans Go payment‑service codebases for PCI DSS v4.0.1 violations and maps each finding to the exact requirement ID.

Track releases GitHub
Go Latest v0.7.1 · 1mo ago Security brief →

Features

  • Runs 12 specialized scanners plus an AI triage engine over a Go payment service codebase
  • Maps every detected issue to a specific PCI DSS v4.0.1 requirement number
  • Provides detailed file‑line context and severity grouping for compliance reporting

Recent releases

View all 14 releases →
Review required
v0.7.1 Breaking risk
Auth RCE / SSRF

PCI DSS mapping change for apikey

Open
Review required
v0.7.0 New feature
Auth RBAC Dependencies

HTTP input taint tracking

Open
Config change
v0.6.3 Breaking risk
Breaking upgrade

Mode removal enforces privacy

Open
Config change
v0.6.2 Breaking risk
Breaking upgrade

CycloneDX 1.6 bump

Open
Monitor
v0.5.3 New feature

Native Go fuzz coverage

Open

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
1
Forks
0
Languages
Go Shell Makefile
View on GitHub

Install & Platforms

Install via
go docker

Similar tools

goklab/guardvibe
girste/mcp-cybersec-watchdog
intruder-io/intruder-mcp
MCP Ethical Hacking by cmpxchg16
icoretech/warden-mcp

Alternative to

Semgrep CodeQL gosec

Beta — feedback welcome: [email protected]