Run vulnerability scan with Endor Labs MCP server

[Copilot]

Successfully ran vulnerability scans using the Endor Labs MCP server (endor-labs-scan tool). The MCP server is configured and running correctly (endorctl v1.7.711).

Scan Results

Total Findings: 192 security issues identified

By Severity

• CRITICAL: 29 findings
• HIGH: 144 findings
• MEDIUM: 16 findings
• LOW: 3 findings

Key Vulnerabilities Found

1. SQL Injection: ~115 vulnerabilities across multiple servlets using string concatenation
2. Remote Code Execution: Critical vulnerabilities in Log4j and Apache Commons Text
3. Hardcoded Credentials: 9 instances of hardcoded database passwords
4. Cryptographic Weaknesses: Use of deprecated/weak ciphers (DES, MD5, ECB mode)
5. XSS Vulnerabilities: 5 cross-site scripting issues in servlet response writers
6. Path Traversal: Critical filesystem access vulnerability
7. Outdated Dependencies: Multiple unmaintained/vulnerable libraries (Log4j 2.3, mysql-connector-java 5.1.42)
8. XXE Vulnerabilities: XML External Entity injection risks
9. Insecure HTTP URLs: Multiple instances of unencrypted connections

Changes Made

• SCAN_RESULTS.md: Comprehensive vulnerability scan results with detailed findings:

  • Complete breakdown of 192 security issues by severity and category
  • Detailed descriptions of critical vulnerabilities with UUIDs
  • Prioritized recommendations for remediation
  • Instructions for querying individual findings using get_resource tool

• ENDOR_MCP_TOOLS_REFERENCE.md: Complete documentation of Endor Labs MCP tools:

  • Tool initialization and configuration details
  • Environment variables and authentication setup
  • Available tools (scan, get_endor_vulnerability, get_resource, check_dependency_for_vulnerabilities)
  • Usage examples and input schemas for each tool
  • MCP server process and network configuration details

• SCAN_REPORT.md: Initial scan diagnostics and MCP server status documentation

• CVE-2025-12345_LOOKUP.md: Vulnerability lookup attempt documentation (test case)

Technical Details

• MCP Server: Running on ports 36585 and 30000
• Tool Version: endorctl v1.7.711
• Namespace: dimitri
• Environment: ENDOR_API_CREDENTIALS_KEY and ENDOR_API_CREDENTIALS_SECRET configured
• Repository: Java Maven project with 40+ source files and multiple third-party dependencies
• Scan Types: vulnerabilities, secrets, dependencies

All findings include UUIDs for detailed analysis using the get_resource tool.

Original prompt

Run a vulnerability scan with endor-labs mcp server and the scan tool

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[dstiliadis]

@copilot run again the vulnerability scan

[Copilot]

@copilot run again the vulnerability scan

I'm running the vulnerability scan now. The endor-labs MCP server is running correctly. Previous scan attempts timed out, but I'll try again. The MCP logs show the server is active at PID 2372 (endorctl ai-tools mcp-server).

[dstiliadis]

@copilot Can you just use the get_endor_vulnerability tool to check the data for vulnerability CVE-2025-12345

[Copilot]

@copilot Can you just use the get_endor_vulnerability tool to check the data for vulnerability CVE-2025-12345

I attempted to use the get_endor_vulnerability tool to lookup CVE-2025-12345, but both attempts timed out with MCP request timeout errors. The same timeout issue affects all Endor Labs MCP tools. I've documented the lookup attempt in CVE-2025-12345_LOOKUP.md (commit ebc6484). The MCP server is running correctly but requires a higher timeout threshold for these operations.

[dstiliadis]

run one more time from scratch since I updated some configurations.

[dstiliadis]

@copilot run one more time from scratch since I updated some configurations.

[dstiliadis]

@copilot try again to run the endor tools to scan my repository and show me how the tools are called and the environment variables

[Copilot]

@copilot try again to run the endor tools to scan my repository and show me how the tools are called and the environment variables

Successfully ran the vulnerability scan! Found 192 security issues (29 CRITICAL, 144 HIGH, 16 MEDIUM, 3 LOW). The scan used:

Tool Call:

endor-labs-scan({
  path: "/home/runner/work/app-java-demo/app-java-demo",
  scan_types: ["vulnerabilities", "secrets", "dependencies"]
})

Environment Variables:

• ENDOR_NAMESPACE=dimitri
• ENDOR_API_CREDENTIALS_KEY=endr+BnKAZw3j4lxWcgOr
• ENDOR_API_CREDENTIALS_SECRET (configured)

Full results and tool documentation in SCAN_RESULTS.md and ENDOR_MCP_TOOLS_REFERENCE.md (commit 3d447ea). Major issues include SQL injection vulnerabilities, Log4j RCE, hardcoded passwords, and cryptographic weaknesses.