
CyberSentry
Real-time AI security posture analysis for coding agents. Seven expert tools: secret scanning, supply chain CVE checking, SBOM generation, compliance mapping across 8 frameworks, OWASP LLM Top-10 auditing, Ghost Secret scanning, and AI attack surface mapping. Built by Carlos A. Russell, CISSP · CISM · CISA · CGEIT.
How to pay
Pick whichever fits your workflow — you can switch any time.
Subscribe
$9.99/month
Predictable monthly cost with included usage. Best for steady, high-volume traffic.
- Unlimited tools within plan limits
- One API key, billed once a month
- Cancel any time
Pay-per-call
$0.02 – $1 per call
Charge agents in USDC the moment they call a tool. No subscriptions, no signup — pay only for what you use.
- 7 priced tools available
- Settled in USDC on Base
- No account or API key required
CyberSentry MCP is a professional-grade AI security auditor that acts as a Security Partner for AI coding agents running inside Cursor, Windsurf, and VS Code. Every time an agent writes a function, adds a dependency, or integrates an LLM, CyberSentry peer-reviews the security posture before the code reaches production.
Seven expert tools — each encoding 30 years of cybersecurity practice:
- 🔑 scan_secrets_pro ($0.02) — Deep credential scan combining named-pattern detection for 18 secret types with Shannon entropy analysis to catch obfuscated or novel formats that regex-only scanners miss.
- 🔗 check_supply_chain ($0.10) — Cross-references every dependency against live OSV vulnerability data. Specifically targets AI-Assisted Supply Chain attacks where LLMs hallucinate package names and attackers pre-register them.
- 📋 generate_sbom ($0.25) — Generates a CycloneDX 1.5 or SPDX 2.3 Software Bill of Materials enriched with live CVE data and CyberSentry risk flags. Accepted by SOC2, ISO27001, and enterprise compliance auditors.
- 🗂️ map_compliance_controls ($0.35) — Maps security findings to controls across 8 frameworks: OWASP LLM Top 10, ISO 27001 Annex A, SOC 2, NIST CSF 2.0, COBIT 2019, CIS Controls v8, C2M2 v2.1, and DORA. Returns per-framework posture scores and executive summary for compliance reporting.
- 🛡️ audit_ai_tool ($0.50) — Full OWASP LLM Top-10 (2025) audit of AI tool-calling code. Detects prompt injection, insecure output handling, excessive agency, and system prompt leakage with line-level findings and CWE IDs. Replaces a manual specialist review.
- 👻 audit_github_repo ($0.75) — Scans a repository's full commit history for Ghost Secrets: credentials that were committed and deleted but still live in git diffs. The scan that standard tools miss entirely.
- 🗺️ graphic_attack_surface ($1.00) — Maps the complete AI/LLM attack surface of a codebase as a scored knowledge graph. Returns a Graphviz DOT diagram plus prioritised security report.
Built by Carlos A. Russell | CISSP · CISM · CISA · CGEIT