mcp-security-scanner

shanefirek/mcp-security-scanner
Static security scanner for MCP server configs and code, mapped to the NSA's May 2026 MCP security guidance. 35+ checks across 11 threat categories.

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-security-scanner": {
      "command": "npx",
      "args": [
        "-y",
        "shanefirek/mcp-security-scanner"
      ]
    }
  }
}

README Excerpt

**35+ checks. 11 threat categories. Audit your MCP servers before someone else does.**

MCP adoption is outpacing its security model. This scanner audits MCP configurations and server code against the NSA's May 2026 security guidance — finding hardcoded secrets, unpinned versions, excessive permissions, and unaudited third-party servers.