Hexstrike Ai
0x4m4/hexstrike-aiMIT⭐ 7,412🔧 151 tools
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.
Hexstrike Ai has risks — usable with isolation (5.7/10, 2 critical, 0 high).
Recommended Actions
- highRun In Container2 critical vulnerabilities require isolation
- highLimit PermissionsRestrict tool access to minimum required scope
Do Not
- ✗running in production without container isolation
Risk Flags (2)
- criticalcommand_injection×2Command injection risk — subprocess called with shell=True and non-literal command
- lowno_input_validation×18MCP tool handler accepts raw string input without validation
How This Was Decided
- positivew=0.5Overall quality score = 5.7/10 (grade D)
- negativew=0.82 critical security issue(s) detected
- negativew=0.3Tool description clarity score = 2.2/10
Description Quality
3-Layer Breakdown
Description Dimensions
Security Analysis
Findings Redacted
Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.
Metadata Health
Badge
Add this badge to your README:
[](https://spiderrating.com/servers/0x4m4/hexstrike-ai)Protect Your Agents
Get a free API key. Every MCP tool call checked against 15,923 rated servers in real-time.
Get Free API Key →Monitor All Your Servers
Dashboard for your entire MCP portfolio. Score tracking, alerts, and compliance reports.
Start Free Trial →Scan Locally (Open Source)
Run SpiderShield on your own machine. 46+ security rules, zero data leaves your system.
Star on GitHub →