mcp-registry-risk-scanner

mizcausevic-dev/mcp-registry-risk-scanner
★ 0 stars | TypeScript | 🔒 Security | Updated 1d ago
Static security scanner for MCP server.json registry manifests — flags supply-chain, transport, credential, and data-egress risks before you install a server.

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-registry-risk-sc": {
      "command": "npx",
      "args": [
        "-y",
        "mizcausevic-dev/mcp-registry-risk-scanner"
      ]
    }
  }
}

README Excerpt

Security scanner for **Model Context Protocol (MCP)** `server.json` registry manifests. It flags supply-chain, transport, credential, and data-egress risks **before** you install a server or list it in a registry — a pre-flight check for the MCP supply chain. Part of the [Kinetic Gain](https://suite.kineticgain.com) MCP governance lane (alongside [`mcp-kinetic-gain`](https://github.com/mizcausevic-dev/mcp-kinetic-gain) and the [MCP Tool Cards](https://toolcards.kineticgain.com) spec).

Topics

ai-governance, cli, devsecops, mcp, model-context-protocol, scanner, security, supply-chain-security, typescript