panavinsingh/MCP-Lattice
Security scanner for Model Context Protocol (MCP) with capability graph analysis. Detects emergent attack chains across multi-server AI agent deployments that no individual tool scan can find.
Built in Go, it auto-discovers MCP configurations across Claude Desktop, Cursor, Windsurf, VS Code, and Gemini CLI, then runs a 4-layer detection pipeline (pattern matching, semantic analysis, capability graph modeling, and LLM-based causal analysis) with 34 YAML-based detection templates covering prompt injection, tool poisoning, SSRF, and auth bypass. The core innovation is cross-server attack chain detection—modeling read/write/execute/transmit capabilities across all configured servers to identify toxic tool combinations no single-server scanner catches, with results exportable to terminal, JSON, SARIF, and HTML formats.
Stars
7
Forks
6
Language
Go
License
Apache-2.0
Category
Last pushed
Mar 26, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/mcp/panavinsingh/MCP-Lattice"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...