Google Antigravity Directory

The #1 directory for Google Antigravity prompts, rules, workflows & MCP servers. Optimized for Gemini 3 agentic development.

Resources

PromptsMCP ServersAntigravity RulesGEMINI.md GuideBest Practices

Company

Submit PromptAntigravityAI.directory

Popular Prompts

Next.js 14 App RouterReact TypeScriptTypeScript AdvancedFastAPI GuideDocker Best Practices

Legal

Privacy PolicyTerms of ServiceContact Us
Featured on FazierFeatured on WayfindioAntigravity AI - Featured on Startup FameFeatured on Wired BusinessFeatured on Twelve ToolsListed on Turbo0Featured on findly.toolsFeatured on Aura++That App ShowAI ToolzShinyLaunchMillion Dot HomepageSolver ToolsFeatured on FazierFeatured on WayfindioAntigravity AI - Featured on Startup FameFeatured on Wired BusinessFeatured on Twelve ToolsListed on Turbo0Featured on findly.toolsFeatured on Aura++That App ShowAI ToolzShinyLaunchMillion Dot HomepageSolver Tools

© 2026 Antigravity AI Directory. All rights reserved.

The #1 directory for Google Antigravity IDE

This website is not affiliated with, endorsed by, or associated with Google LLC. "Google" and "Gemini" are trademarks of Google LLC.

Antigravity AI Directory
PromptsMCPBest PracticesUse CasesLearn
Home
MCP Servers
Grype MCP
🦴

Grype MCP MCP Server

Vulnerability scanner for container images.

grypescannervulnerabilitiessbom

About

## Grype MCP Server: Container Vulnerability Scanner The **Grype MCP Server** integrates Anchore's vulnerability scanner into Google Antigravity, enabling developers to find vulnerabilities in container images and filesystems with detailed CVE analysis and remediation guidance. ### Why Grype MCP? - **Fast scanning** - Quickly scan container images for known vulnerabilities - **Multiple sources** - Check against NVD, GitHub Advisories, and vendor databases - **SBOM integration** - Work with Syft-generated software bills of materials - **CI/CD ready** - Fail builds on critical vulnerabilities - **Detailed reports** - Get CVE details with fix versions and severity scores ### Key Features #### 1. Image Vulnerability Scanning ```python # Scan container image for vulnerabilities scan = await mcp.call("grype", "scan_image", { "image": "myapp:latest", "scope": "all-layers", "fail_on": "high" }) print(f"Vulnerabilities: {scan[\"total\"]}") print(f"Critical: {scan[\"critical\"]}, High: {scan[\"high\"]}") for vuln in scan["matches"]: print(f"{vuln[\"vulnerability\"][\"id\"]}: {vuln[\"artifact\"][\"name\"]}") print(f" Severity: {vuln[\"vulnerability\"][\"severity\"]}") print(f" Fixed in: {vuln[\"vulnerability\"][\"fix\"][\"versions\"]}") ``` #### 2. SBOM Analysis ```python # Generate SBOM then scan sbom = await mcp.call("syft", "generate_sbom", { "source": "myapp:latest", "format": "spdx-json" }) # Scan SBOM for vulnerabilities vulns = await mcp.call("grype", "scan_sbom", { "sbom": sbom, "add_cpes": True }) # Group by package for remediation planning by_package = {} for vuln in vulns["matches"]: pkg = vuln["artifact"]["name"] if pkg not in by_package: by_package[pkg] = [] by_package[pkg].append(vuln) ``` #### 3. Directory Scanning ```python # Scan project directory dir_scan = await mcp.call("grype", "scan_directory", { "path": "/app/project", "include": ["node_modules", "vendor"], "exclude": ["test", "docs"] }) # Check specific file types for vuln in dir_scan["matches"]: if vuln["artifact"]["type"] == "npm": print(f"NPM: {vuln[\"artifact\"][\"name\"]}@{vuln[\"artifact\"][\"version\"]}") print(f" CVE: {vuln[\"vulnerability\"][\"id\"]}") ``` #### 4. CI/CD Integration ```python # Scan with policy enforcement result = await mcp.call("grype", "scan_with_policy", { "image": "myapp:latest", "policy": { "fail_on_severity": "high", "ignore_unfixed": True, "ignore_cves": ["CVE-2023-xxxxx"], "max_age_days": 30 } }) if result["policy_violated"]: print("Build failed due to vulnerability policy") for violation in result["violations"]: print(f" - {violation[\"cve\"]}: {violation[\"reason\"]}") ``` ### Configuration ```json { "mcpServers": { "grype": { "command": "npx", "args": ["-y", "@anthropic/mcp-grype"], "env": { "GRYPE_DB_AUTO_UPDATE": "true", "GRYPE_DB_CACHE_DIR": "/var/cache/grype" } } } } ``` ### Use Cases **Pre-deployment Scanning**: Check images before pushing to production registries. **Dependency Auditing**: Find vulnerable packages in your application dependencies. **Compliance Reporting**: Generate vulnerability reports for security audits. **Continuous Monitoring**: Regular scans of deployed images for new CVEs. The Grype MCP Server brings vulnerability scanning into your container development workflow.

Installation

Configuration
{
  "mcpServers": {
    "grype": {}
  }
}

How to Use

    Related MCP Servers

    🧰

    Toolhouse MCP

    Universal AI tool platform that equips your AI with production-ready capabilities. Execute code, browse the web, manage files, send emails, and more through a unified MCP interface.

    🔨

    Smithery Registry MCP

    The MCP server registry and discovery platform. Browse, search, and install MCP servers from the community. Find the perfect integrations for your AI development workflow.

    🔍

    MCP Inspector

    Official debugging and testing tool for MCP servers. Inspect server capabilities, test tool calls, validate responses, and debug protocol communication in real-time.

    ← Back to All MCP Servers