sbmilburn

nmap MCP server for AI-assisted network security auditing

by Shane Milburn · GitHub ↗ · v1.0.0
cross-platform · ✓ Security Clean
Downloads: 415 · Stars: 1 · Active Installs: 3 · Versions: 1
Install in OpenClaw
/install nmap-mcp
Description
Network scanning MCP server wrapping nmap. Provides 14 purpose-built tools for host discovery, port scanning (SYN/TCP/UDP), service & OS detection, NSE scrip...
Usage Guidance
This skill is coherent with its stated purpose (an nmap MCP wrapper) and includes sensible safeguards (CIDR allowlist, target validation, audit logging, injection guards). Before installing:
  1. Confirm you actually want an on-host nmap service (it will execute nmap subprocesses and write scan results/audit logs to disk).
  2. Review and tighten config.yaml allowed_cidrs to your precise scope — do not leave broad RFC1918 ranges enabled in shared environments.
  3. Understand the host change required: granting cap_net_raw to the nmap binary (setcap) is necessary for SYN/ARP/OS scans and should be applied only if you trust this code and the environment.
  4. Protect the scan and audit directories (they may contain sensitive host/service info).
  5. Note the metadata mismatch (registry says no required binaries / instruction-only while the code requires nmap and Python packages) — installation is manual.
If you want stronger assurance, run the bundled tests locally (they exercise scope enforcement, logging, persistence, and injection guards) and audit server.py end-to-end for any remaining truncated functions before deploying on production hosts.
Capability Analysis
Type: OpenClaw Skill
Name: nmap-mcp
Version: 1.0.0
The nmap-mcp skill bundle is a robust and well-documented MCP server for network auditing. It features 14 specialized tools with built-in security controls, including CIDR scope enforcement, audit logging, and protection against shell injection and path traversal. While a minor vulnerability exists in the regex used to filter dangerous nmap flags in the custom scan tool (potentially allowing script paths if using an equals sign), the inclusion of a comprehensive test suite (tests/test_nmap_mcp.py) and clear focus on responsible security auditing indicate the bundle is benign and professionally developed.
Capability Assessment
Purpose & Capability
The skill is an nmap MCP server and the included server.py, tests, README, and SKILL.md implement that functionality (scope enforcement, audit logging, scan persistence, and structured JSON output). Minor metadata mismatch: registry lists 'required binaries: none' and 'instruction-only', but the SKILL.md and code clearly require nmap and Python packages (fastmcp, python-nmap, pyyaml). This is explainable (install left to the user) but worth noting.
Instruction Scope
SKILL.md and server.py limit actions to scanning with nmap, scope checks, logging, and persistence. Instructions explicitly require configuring allowed CIDRs and warn about granting cap_net_raw only to nmap. The code includes input validation, hostname resolution with 'fail closed' behavior, and an injection guard for custom flags. No instructions or code paths were found that read unrelated system secrets or exfiltrate data to external endpoints.
Install Mechanism
No install spec is provided (skill is treated as instruction-only), which is lower risk but means the user must run pip install and configure mcporter/clawhub manually. The README and SKILL.md instruct pip install of dependencies and setcap on nmap; dependencies come from PyPI (requirements.txt). No unusual download URLs or archive extraction are used.
Credentials
The skill does not request credentials or sensitive environment variables. It uses a single optional NMAP_CONFIG env var to point to config.yaml (documented). It persists scans and audit logs to local disk as expected for this tool; these files will contain scan outputs and should be protected accordingly.
Persistence & Privilege
The skill persists scan results and an audit log to disk (SCAN_DIR and AUDIT_LOG) and therefore requires filesystem write access to its working directory. It also requires granting cap_net_raw capability to the nmap binary for SYN/OS/ARP scans — a privileged operation that the README documents and justifies, but which increases host attack surface if misused. 'always' is false and autonomous invocation is allowed (platform default).
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nmap-mcp
  3. After installation, invoke the skill by name or use /nmap-mcp
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial public release — 14 nmap tools with structured JSON output, scope enforcement, audit logging, and injection hardening
Metadata
Slug nmap-mcp
Version 1.0.0
License
All-time Installs 3
Active Installs 3
Total Versions 1
Frequently Asked Questions

What is nmap MCP server for AI-assisted network security auditing?

Network scanning MCP server wrapping nmap. Provides 14 purpose-built tools for host discovery, port scanning (SYN/TCP/UDP), service & OS detection, NSE scrip... It is an AI Agent Skill for Claude Code / OpenClaw, with 415 downloads so far.

How do I install nmap MCP server for AI-assisted network security auditing?

Run "/install nmap-mcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is nmap MCP server for AI-assisted network security auditing free?

Yes, nmap MCP server for AI-assisted network security auditing is completely free (open-source). You can download, install and use it at no cost.

Which platforms does nmap MCP server for AI-assisted network security auditing support?

nmap MCP server for AI-assisted network security auditing is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created nmap MCP server for AI-assisted network security auditing?

It is built and maintained by Shane Milburn (@sbmilburn); the current version is v1.0.0.
