mcp-heimdall

caglarbozkurt/mcp-heimdall
★ 0 stars TypeScript Security Updated 9d ago
Security scanner for MCP servers — vet an MCP before you wire it into an agent. Detects prompt-injection, credential exfiltration (via taint analysis), RCE, and supply-chain risks, and catches cross-server exfil chains no single server reveals. Zero-dependency local CLI, SARIF output, CI-gateable, no account.
View on GitHub → 🔍 Audit Wallet Slippage →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-heimdall": {
      "command": "npx",
      "args": [
        "-y",
        "caglarbozkurt/mcp-heimdall"
      ]
    }
  }
}

README Excerpt

<div align="center"> <img src="assets/logo.svg" width="84" alt="Heimdall" /> **The watchman at your agent's gate.** A security scanner for **Model Context Protocol (MCP) servers** — vet a server, or a whole agent config, before your agent trusts it. </div> --- MCP servers are unvetted code with a natural-language attack surface: their tool

Topics

agent-securityai-agentsclicompliancemcpmodel-context-protocolprompt-injectionsarifsastsecuritysecurity-scannersupply-chain-security