rodolfboctor/mcp-scan
Security scanner for MCP server configurations. Detects secrets, CVEs, permission issues, and exfiltration vectors across 10 AI tool clients.
Platform-specific configuration:
{
"mcpServers": {
"mcp-scan": {
"command": "npx",
"args": [
"-y",
"mcp-scan"
]
}
}
}Add the config above to .claude/settings.json under the mcpServers key.
[](https://github.com/rodolfboctor/mcp-scan/actions/workflows/ci.yml) [](https://badge.fury.io/js/mcp-scan) [](https://www.npmjs.com/package/mcp-scan) [](https://opensource.org/licenses/MIT) [](https://github.com/rodolfboctor/mcp-scan/stargazers)
Open-source security scanner for Model Context Protocol (MCP) servers.
MCP servers run with full access to your filesystem, API keys, and network. mcp-scan audits every MCP server configuration on your system — detecting leaked secrets, prompt injection risks, supply-chain vulnerabilities, and data flow issues before they become incidents.
npx mcp-scan@latestNo installation. No sign-up. No telemetry. Zero network requests during scanning.
---
MCP servers are the new attack surface for AI-powered development. They run silently alongside your AI tools with shell access, filesystem permissions, and network egress. A single malicious or misconfigured server can exfiltrate API keys, inject instructions into your AI sessions, or become a supply-chain entry point.
mcp-scan was built after analyzing hundreds of publicly available MCP server configs and finding patterns that existing security tools miss: credential relay, prompt injection via tool descriptions, typosquatting near popular packages, and data sent to unexpected endpoints.
Featured in [Stytch Engineering Blog](https://stytch.com/blog/npm-audit-for-mcp-security): *"npm-audit for MCP security: A deep-dive on mcp-scan"*
---
| Check | Severity | Description | |-------|----------|-------------| | Data Exfiltration | CRITICAL | Tool reads filesystem and sends
Loading reviews...