Skip to main content
Glama

yop-mcp

by yop-platform
GitHub
Python
Apache 2.0
1
  • Apple
  • Linux
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue
security.yml3.42 kB
name: Security Scan on: push: branches: [main, master, develop] pull_request: branches: [main, master, develop] schedule: - cron: "0 2 * * 1" # Weekly on Monday at 2 AM UTC jobs: bandit: name: Bandit Security Scan runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Install uv uses: astral-sh/setup-uv@v4 with: version: "latest" - name: Set up Python 3.13 run: uv python install 3.13 - name: Install dependencies run: uv sync --extra dev --extra test - name: Run Bandit run: | uv run bandit -r tools/ main.py -f json -o bandit-report.json || true echo "Bandit scan completed" - name: Upload Bandit report uses: actions/upload-artifact@v4 with: name: bandit-report path: bandit-report.json - name: Display Bandit results run: | if [ -f bandit-report.json ]; then echo "Bandit security scan results:" cat bandit-report.json | python -m json.tool || echo "No issues found" fi safety: name: Safety Vulnerability Scan runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Install uv uses: astral-sh/setup-uv@v4 with: version: "latest" - name: Set up Python 3.13 run: uv python install 3.13 - name: Install dependencies run: uv sync - name: Run Safety run: | uv run safety check --json --output safety-report.json || true echo "Safety scan completed" - name: Upload Safety report uses: actions/upload-artifact@v4 with: name: safety-report path: safety-report.json - name: Check for vulnerabilities run: | if [ -f safety-report.json ]; then echo "Safety vulnerability scan results:" cat safety-report.json | python -m json.tool || echo "No vulnerabilities found" fi semgrep: name: Semgrep Security Scan runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Run Semgrep uses: semgrep/semgrep-action@v1 with: config: >- p/security-audit p/secrets p/python env: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} security-summary: name: Security Summary runs-on: ubuntu-latest needs: [bandit, safety, semgrep, osv-scanner] if: always() steps: - name: Download all artifacts uses: actions/download-artifact@v4 - name: Security Summary run: | echo "## Security Scan Summary" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY if [ -d bandit-report ]; then echo "### Bandit Results" >> $GITHUB_STEP_SUMMARY echo "✅ Bandit scan completed" >> $GITHUB_STEP_SUMMARY fi if [ -d safety-report ]; then echo "### Safety Results" >> $GITHUB_STEP_SUMMARY echo "✅ Safety scan completed" >> $GITHUB_STEP_SUMMARY fi echo "" >> $GITHUB_STEP_SUMMARY echo "All security scans have been completed. Check individual job logs for details." >> $GITHUB_STEP_SUMMARY

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/yop-platform/yop-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server