MCP HubMCP Hub
getAsterisk

asterisk-mcp-server

by: getAsterisk

Asterisk Model Context Protocol (MCP) server.

13created 21/03/2025
Visit
Asterisk
Protocol

📌Overview

Purpose: Asterisk MCP Server is designed to provide real-time security scanning of code snippets and codebases to identify and verify security vulnerabilities.

Overview: The Asterisk MCP Server serves as a middleware that leverages the Model Context Protocol (MCP) to connect with the Asterisk security API, enabling AI assistants to perform comprehensive security analyses on code.

Key Features:

  • Code Snippet Scanning: Enables individual code snippets to be analyzed for potential security vulnerabilities, ensuring isolated code segments are secure.

  • Codebase Scanning: Supports scanning of entire codebases, delivering context-rich scanning across multiple files to identify security issues effectively.

  • Change Verification: Monitors code changes and verifies their security impact, facilitating timely detection of introduced vulnerabilities during development.

  • Beautiful Settings UI: Provides a user-friendly graphical interface for configuring the server, making setup and adjustments easier for users.

  • Flexible Transport Protocols: Supports multiple transport protocols, such as stdio and SSE, allowing for versatile integration with different systems.

  • Comprehensive Logging: Features detailed logging capabilities with adjustable verbosity levels to help with debugging and monitoring.

Asterisk MCP Server

A Model Context Protocol (MCP) server that provides security scanning capabilities for code snippets, codebases, and verification of code changes.

Overview

Asterisk MCP Server connects to the Asterisk security API, providing real-time security analysis of code. It implements the Model Context Protocol (MCP) to expose security scanning tools to AI assistants for detecting security vulnerabilities.

Features

  • Code Snippet Scanning: Analyze individual code snippets for security vulnerabilities.
  • Codebase Scanning: Scan multiple files for security issues with accurate context coverage.
  • Change Verification: Verify if code changes introduce security vulnerabilities.
  • Settings UI: Configure the server through a graphical interface.
  • Flexible Transport: Support for stdio and SSE transport protocols.
  • Comprehensive Logging: Detailed logging with configurable verbosity.

Requirements

  • Python 3.10+
  • pipx / uvx
  • httpx
  • mcp[cli]
  • dearpygui (for settings UI)

Usage

{
  "mcpServers": {
    "asterisk-mcp": {
      "command": "pipx",
      "args": [
        "run",
        "asterisk-mcp-server",
        "--api-url",
        "https://api.mcp.asterisk.so",
        "--transport",
        "stdio",
        "--key",
        "YOUR_API_KEY"
      ],
      "timeout": 3600
    }
  }
}

Configuration

Configuration can be provided through command-line arguments or the settings UI:

API Server Settings

  • --api-url: Base URL for the Asterisk API server.
  • --key: API key for authentication.
  • --timeout: Timeout for API requests in seconds.

MCP Server Settings

  • --server-name: Name of the MCP server.
  • --transport: Transport protocol for the MCP server (stdio or sse).
  • --port: Port for the SSE server (used with --transport sse).

Logging Settings

  • --log-level: Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL).
  • --no-console: Disable console output.

Available Tools

  • scan_snippet: Scans individual code snippets for security vulnerabilities.
  • scan_codebase: Scans multiple files for security issues.
  • verify: Verifies if code changes introduce security vulnerabilities.
  • settings: Opens the settings UI when the user enters "/asterisk".

Data Flow

  1. The IDE sends a request to the Asterisk MCP Server using the MCP protocol.
  2. The MCP server processes the request and forwards it to the Asterisk Vulnerability Scanner API.
  3. The API analyzes the code and returns security findings.
  4. The MCP server formats the results and returns them to the IDE/editor.
  5. The IDE presents the security analysis to the user.

Troubleshooting

Connection Issues

  • Verify that the API URL is correct and accessible.
  • Check that your API key is valid and has not expired.

Authentication Errors

  • Ensure your API key is correctly set.
  • Regenerate your API key from the dashboard if necessary.

Timeout Errors

  • Increase the API timeout setting for large codebases.
  • Consider analyzing smaller portions of code separately.

License

This project is licensed under the Apache License, Version 2.0.

Getting Help

Reach out to us at hello@asterisk.so for assistance or get your API key from the Asterisk app.