MCP ZAP Server

Safe, self-hosted OWASP ZAP operator for guided AI security scans and reports.

Ready: LocalSecurity: LocalAuth: UnknownSetup: Unknownmcp_servermcp

Use it

Packages
  • oci: ghcr.io/dtkmn/mcp-zap-server:v0.8.0docker run ghcr.io/dtkmn/mcp-zap-server:v0.8.0
    Env: ZAP_API_URL, ZAP_API_PORT, ZAP_API_KEY, MCP_API_KEY, MCP_SERVER_TOOLS_SURFACE, MCP_SECURITY_MODE, MCP_SECURITY_ENABLED, MCP_SECURITY_ALLOW_PLACEHOLDER_API_KEY
  • oci: docker.io/dtkmn/mcp-zap-server:v0.8.0docker run docker.io/dtkmn/mcp-zap-server:v0.8.0
    Env: ZAP_API_URL, ZAP_API_PORT, ZAP_API_KEY, MCP_API_KEY, MCP_SERVER_TOOLS_SURFACE, MCP_SECURITY_MODE, MCP_SECURITY_ENABLED, MCP_SECURITY_ALLOW_PLACEHOLDER_API_KEY
Instructions
  • Use an MCP client, but no callable endpoint or package install target was published.

Version history

VersionStatusPublished
0.8.0LatestactiveMay 10, 2026