Scan Jira, Confluence, Slack, GitHub, GitLab, Zendesk, Linear, Asana, and Wrike for leaked secrets and exposed credentials — directly from your AI workflow. ## What it does n0s1-mcp exposes the [n0s1](https://github.com/spark1security/n0s1) secret scanner as MCP tools, letting Claude and other AI assistants scan your SaaS collaboration tools without leaving the chat. It detects GitHub tokens, AWS keys, Slack tokens, private keys, and hundreds of other secret patterns using a configurable regex engine. ## Tools | Tool | What it scans | |---|---| | `scan_jira` | Jira ticket titles, bodies, and comments | | `scan_confluence` | Confluence pages and spaces | | `scan_slack` | Slack channels and messages | | `scan_github` | GitHub repositories and code | | `scan_gitlab` | GitLab projects and code | | `scan_zendesk` | Zendesk support tickets | | `scan_linear` | Linear issues and comments | | `scan_asana` | Asana tasks and projects | | `scan_wrike` | Wrike tasks and folders | | `scan_local` | Local filesystem paths | | `get_scan_status` | Poll status of a running scan | | `get_scan_findings` | Paginated findings from a completed scan | | `analyze_report` | AI-powered credential validation (Professional) | ## Quickstart No install required — runs via `uvx`: ```json { "mcpServers": { "n0s1": { "command": "uvx", "args": ["n0s1-mcp"] } } } Credentials can be passed as tool arguments or pre-set as environment variables (GITHUB_TOKEN, JIRA_TOKEN, SLACK_TOKEN, etc.). Example prompts - "Scan my Jira project SEC for leaked secrets" - "Check the GitHub org mycompany for exposed API keys" - "Scan /home/user/project for hardcoded credentials" - "Run AI validation on scan report abc-123" Professional mode Set N0S1_TOKEN to enable AI credential validation (analyze_report), encrypted secret upload, and the hosted scan backend at https://n0s1.spark1.us. License GNU GPL v3 · GitHub (https://github.com/spark1security/n0s1-mcp) --- This keeps the most useful info (tool table, quickstart, example prompts) visible without being too long for a registry listing.
How to connect
https://server.smithery.ai/spark1security/n0s1-mcp/mcpcurl -X POST https://server.smithery.ai/spark1security/n0s1-mcp/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}'