Snyk MCP server
Run Snyk SAST, SCA, IaC, container, and SBOM scans from your AI agents.
About
Connect Tracecat to Snyk to scan code, dependencies, containers, and infrastructure for AppSec engineers and engineering agents shipping new code. You can run SCA against a manifest or Snyk Code against a source directory and weigh the results side by side. From there, scan container images, generate SBOMs and AI BOMs, and check package health with confidence.
Setup
1. Sign in with OAuth
   You'll authorize Tracecat to access Snyk on your behalf. No API keys to manage.
2. Select the Snyk tile in the Tracecat MCP catalog
   Open the MCP catalog in your workspace, select the Snyk tile, and complete the OAuth flow.
3. Enable Snyk in your agent
   In your ai.agent action or Agents → tools tab, select Snyk from the MCP integrations dropdown.
Tools
| Tool | Description |
| --- | --- |
| snyk_sca_scan | Run a Snyk Open Source SCA scan against a project's dependency manifests. |
| snyk_code_scan | Run a Snyk Code SAST scan against a source directory. |
| snyk_iac_scan | Scan Terraform, CloudFormation, Kubernetes, or Helm for IaC misconfigurations. |
| snyk_container_scan | Scan a container image for OS and application vulnerabilities. |
| snyk_sbom_scan | Generate or scan a software bill of materials in CycloneDX or SPDX. |
| snyk_aibom | Generate an AI bill of materials for an AI or ML project. |
| snyk_package_health_check | Check the health, license, and risk profile of an open source package. |
| snyk_auth | Start an interactive Snyk auth flow from inside the agent. |
| snyk_logout | Clear local Snyk credentials. |