Delegate security, audit, safety-classification, PII-detection, and guardrail tasks to curated NVIDIA NIM models via the `nvidia-security` MCP server. Use for authorized pentest reasoning, code audits (CVE/OWASP/SAST triage), threat modeling, prompt-injection detection, LLM I/O moderation, PII scrubbing, compliance review. Requires `NVIDIA_API_KEY`.
Route defensive security and audit workloads to purpose-tuned NIM models. Low temperature (0.2) for deterministic, auditable output.
mcp__nvidia-security__nvidia_security_list_models — list curated security models.mcp__nvidia-security__nvidia_security_chat — args: model (alias or id), messages, thinking, max_tokens.| Alias | Role | Use when |
|---|---|---|
deepseek-r1 | EOL 2026-01-26 (410 Gone). Use nemotron-ultra or kimi-k2-thinking:cloud for audit CoT. | |
nemotron-ultra (default) |
| audit-reasoner |
| Vulnerability analysis, secure-code review, compliance audits. |
qwen3-coder | code-auditor | SAST-style review, taint analysis, fix suggestions in diff form. |
devstral | code-auditor | Repo-scale secure-code + dependency + IaC audits. |
llama-guard | safety-classifier | Multimodal (text+image) jailbreak / prompt-injection / policy screen. |
nemotron-safety | safety-classifier | LLM I/O moderation, harmful content gating. |
nemotron-safety-reason | safety-classifier | Classification with justification (NeMo Guardrails). |
granite-guardian | risk-classifier | Bias, harm, hallucination, jailbreak, function-call risk. |
shieldgemma | risk-classifier | Harassment, dangerous content, sexual, hate. |
gliner-pii | pii-detector | PII extraction / redaction (GDPR/HIPAA pre-processing). |
nemotron-ultra (active). For verbose CoT use kimi-k2-thinking:cloud (Ollama). (deepseek-r1 EOL 2026-01-26.)qwen3-coder (small scope) or devstral (repo-scale).llama-guard or nemotron-safety.nemotron-safety-reason.gliner-pii first, then route.granite-guardian.shieldgemma.Pre-flight moderation + PII scrub
gliner-pii → redact.llama-guard or nemotron-safety → allow/deny.Audit workflow
qwen3-coder or devstral → produce finding list with line refs.nemotron-ultra → reason about severity + exploit path. (For verbose CoT, use kimi-k2-thinking:cloud via Ollama — deepseek-r1 EOL 2026-01-26.)nemotron-ultra → synthesize executive summary.mcp__nvidia-security__nvidia_security_chat({
model: "nemotron-ultra",
messages: [
{ role: "system", content: "Security auditor. Cite file:line. Output JSON findings." },
{ role: "user", content: "<diff>" }
],
max_tokens: 8192
})
Reasoning arrives wrapped in <thinking>…</thinking>. Preserve for audit trail; don't strip.
Authorized defensive / audit use only: pentest engagements with scope, CTFs, code review, guardrails, compliance, research. Refuse: mass targeting, detection-evasion for malicious actors, offensive payload crafting against third parties without authorization. When ambiguous, ask the user for authorization context before dispatching.
Opus plans → fan out independent audit chunks to security MCP models + Codex in parallel → nemotron-ultra or Opus synthesizes final report. Serialize only when a later stage depends on an earlier label (e.g., PII scrub before external send).
NVIDIA_API_KEY → surface and stop.nemotron-safety-reason for justification, or to Opus for judgment.nvidia-nim-mcp generalist model and note degradation.