The security scanner for MCP servers — detect prompt injection, exposed credentials, endpoint risks, and tool poisoning before they reach production.
Four critical attack surfaces scanned automatically on every run.
Identifies tool descriptions, parameter names, and response bodies that attempt to hijack LLM behavior through embedded instructions.
15+ rulesDetects hardcoded API keys, tokens, passwords, and secrets across tool schemas and server responses before they leak to users.
17 patternsProbes for unauthenticated admin routes, debug endpoints, and over-permissive CORS policies that attackers can pivot through.
28 probesCatches maliciously crafted tool definitions that abuse agent trust to execute unauthorized actions or exfiltrate data silently.
CVSS scoredInstall, point, scan.
Results are printed to stdout and optionally exported as JSON or SARIF for CI integration.