apisec-inc/mcp-audit
See what your AI agents can access. Scan MCP configs for exposed secrets, shadow APIs, and AI models. Generate AI-BOMs for compliance.
This tool helps security and compliance teams understand what information their AI agents can access before deployment. It scans configuration files from AI development tools to identify exposed secrets, API endpoints, and AI models. The output is a clear report, including AI-BOMs, that pinpoints potential security risks, enabling teams to remediate issues and ensure compliance.
143 stars.
Use this if you need to audit your AI development environment for security vulnerabilities and ensure your AI agents aren't exposing sensitive data or connecting to unauthorized services.
Not ideal if you're looking for a runtime monitoring solution or need to scan secrets stored in dedicated secrets managers or dynamically generated configurations.
Stars
143
Forks
35
Language
Python
License
MIT
Category
Last pushed
Feb 27, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/mcp/apisec-inc/mcp-audit"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Compare
Related servers
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...