Security scanner for MCP servers. Detects command injection, hardcoded secrets, path traversal, SSRF, unsafe deserialization. Open source core. Enterprise: $49/mo at whoffagents.com
Quick Install
Copy the config for your editor. Some servers may need additional setup — check the README.
Add to claude_desktop_config.json:
{
"mcpServers": {
"mcp-security-scanner": {
"command": "uvx",
"args": [
"mcp-security-scanner"
]
}
}
}
Run in terminal:
claude mcp add mcp-security-scanner uvx mcp-security-scanner
Add to .cursor/mcp.json:
{
"mcpServers": {
"mcp-security-scanner": {
"command": "uvx",
"args": [
"mcp-security-scanner"
]
}
}
}
Or install with pip: pip install mcp-security-scanner