Nuclei
Fast, YAML-templated vulnerability scanner for apps, APIs, networks, DNS, and cloud, wrappable as an MCP tool for agents.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Nuclei, derived from its capabilities.
AIVSS 9.2 · Critical
View MAESTRO 7-layer threat model →Overview
Nuclei is ProjectDiscovery's community-powered vulnerability scanner driven by a simple YAML DSL supporting HTTP, TCP, DNS, SSL, WHOIS, JavaScript, and code protocols. Community MCP wrappers expose scanning, template management, and result retrieval so AI agents and LLMs can run and interpret Nuclei scans programmatically. Giving an agent an active scanner is powerful but carries misuse, scope, and result-injection risks.
Key features
- YAML-DSL templated scanning
- Multi-protocol (HTTP/TCP/DNS/SSL/JS/code)
- Huge community template library
Use cases
- Automated vulnerability scanning in CI/CD
- Agent-driven scanning against known-CVE templates