rodolfboctor/mcp-scan
Security scanner for MCP server configurations. Detects secrets, CVEs, permission issues, and exfiltration vectors across 10 AI tool clients.
This tool helps security engineers and developers audit the configurations of their AI-powered tools, such as VS Code or GitHub Copilot, to prevent security breaches. It takes your existing AI tool server configurations and provides a detailed report on potential vulnerabilities like leaked secrets, data exfiltration risks, and prompt injection vulnerabilities. Security teams, compliance officers, and developers who use AI tools will find this useful for maintaining a secure environment.
Available on npm.
Use this if you need to identify and mitigate security risks within your AI development ecosystem, including exposed credentials, data flow issues, and supply-chain vulnerabilities.
Not ideal if you are looking for a runtime monitoring solution for live AI server traffic or a tool to enforce real-time alerts.
Stars
21
Forks
2
Language
TypeScript
License
MIT
Category
Last pushed
Mar 28, 2026
Commits (30d)
0
Dependencies
12
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/mcp/rodolfboctor/mcp-scan"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...