mynksh/mcp-pentest-toolkit
A safe, audit-focused toolkit for enumerating and testing Model Context Protocol (MCP) servers. It performs non-destructive checks to reveal information leakage, auth/authorization weaknesses, error-message leakage, rudimentary SSRF detection (opt-in), event-stream exposure, TLS/CORS presence, and rate-limit behavior.
Platform-specific configuration:
{
"mcpServers": {
"mcp-pentest-toolkit": {
"command": "npx",
"args": [
"-y",
"mcp-pentest-toolkit"
]
}
}
}Add the config above to .claude/settings.json under the mcpServers key.
Loading reviews...