Open-source security scanner for MCP servers and AI agents: finds prompt injection, tool poisoning, and excessive agency, and models the cloud your agents can reach. pip install attestral.
**The security scanner for AI agents and MCP servers.** <p align="center"> <img src="examples/vulnerable-agent/demo.gif" alt="attestral scan flagging an insecure MCP agent config in seconds" width="820"> </p> <!-- RESEARCH POST: "We scanned N popular MCP servers" - link TBD --> Your agent has a shell, a browser, your database, and a Slack token. Each tool is fine on its own. Together they are one injected sentence away from walking your secrets out the door. Attestral is the scanner that reads t