mcp scan

Basic Information

MCP-Scan is a security scanning and monitoring tool for Model Context Protocol (MCP) servers and the tools they expose. It is designed to detect and mitigate common MCP-specific vulnerabilities such as prompt injection, tool poisoning, toxic flows, cross-origin escalation and rug-pull changes to tool definitions. The project provides two primary operating modes: a static scanner that inspects installed MCP server configurations and tool descriptions, and a runtime proxy that intercepts and analyzes MCP traffic system-wide. The scanner can discover a variety of MCP client configurations including Claude, Cursor and Windsurf. Scan results may be sent to invariantlabs.ai for guardrail verification unless the user opts out. MCP-Scan also assigns a persistent anonymous scan ID for research. The README documents CLI commands, configuration options, guardrailing configuration files, and development setup for running the tool from source.

App Details

Features

MCP-Scan offers static server scanning and a dynamic proxy mode. The static scan discovers MCP configurations and retrieves tool descriptions for local checks and verification via Invariant Guardrails. The proxy mode injects a local Invariant Gateway into MCP server configurations to intercept, log and analyze live MCP traffic and then removes the gateway when finished. Guardrail enforcement supports blocking or logging PII, secrets, tool restrictions and custom rules written in the Guardrails language. The tool detects prompt injection, tool poisoning, cross-origin escalation and toxic flows and can detect changes to tools via hashing to identify rug-pull attacks. CLI features include scan, proxy, inspect, whitelist and help commands. Options include storage file path, base URL, verbosity, JSON output, and flags for controlling timeouts, checks per server and output formatting.

Use Cases

MCP-Scan helps operators and security teams secure agent integrations by providing both preemptive and runtime protections for MCP connections. The static scanner identifies suspicious or malicious tool descriptions and risky prompt content before agents use them. The proxy mode provides continuous monitoring and enforcement of policies during execution, enabling real-time blocking or logging of calls that contain secrets, PII or other policy violations. Custom guardrails let teams express bespoke rules to filter or stop problematic tool outputs. Whitelisting allows approved tools, prompts or resources to be exempted from repeated alerts. JSON output and CLI automation make it possible to incorporate scan results into CI, registries or other tooling. The README highlights privacy controls, including an opt-out for sharing tool descriptions and a promise not to store MCP call contents.