Apache 2.0 · Open Source

Scan your MCP servers before attackers do.

Free security scanner for Model Context Protocol servers. Finds auth bypass, injection attacks, SSRF, hardcoded secrets, and 30+ vulnerabilities — in seconds.

12% of community skills contain malware in recent studies.
CVSS 8.8 one-click RCE found in production MCP deployments.
1.5M API tokens leaked through insecure MCP configs.
30+ security tests run against every target, in seconds.
Workflow

Three steps from URL to audit report.

No account, no install, no SDK. Point it at a running server or paste your config — get back a structured report with severity, affected tool, and a remediation hint for every finding.

STEP 01

Paste a URL or config.

HTTP/SSE server? Drop the URL. Local stdio server? Paste the JSON from claude_desktop_config.

$ https://mcp.example.com/mcp
# or
{"command": "npx", "args": ["@x/mcp"]}
STEP 02

We run 23 tests.

JSON-RPC handshake, tool enumeration, live injection probes, auth bypass, config static analysis — parallel where safe.

handshake ok
enumerate tools 8
inject ;id FAIL
probe cors FAIL
secrets scan FAIL
STEP 03

Get your grade.

A–F letter score, full findings list, exploit payloads we used, and per-tool risk tags. Everything as JSON too.

score 45 / 100
grade F
critical 3 · high 4
medium 3 · low 2
Two Scan Modes

Live probe, or static analysis.

Pick live probing when the server is running and reachable. Pick config analysis when you just want to vet a package before installing it.

HTTP / SSE SCAN

Black-box, live payloads.

We connect over JSON-RPC 2.0, enumerate every tool, and fire real (non-destructive) payloads at each parameter. The server responds; we judge.

POST /api/scan
{
  "server_url": "https://mcp.example.com/mcp",
  "auth_token": "bearer-…"
}

CONFIG ANALYSIS

Static, zero execution.

Paste the JSON and we inspect it — dangerous packages, unpinned versions, root execution, hardcoded secrets, CVE matches — without ever running the server.

POST /api/scan
{
  "config": {
    "command": "npx",
    "args": [...]
  }
}
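As an added illustration of the kind of static checks the config mode describes (unpinned versions, elevated execution, hardcoded secrets), here is a small standalone Python checker. It is example code, not mcpscanner's own implementation; the severities, secret-prefix patterns and the sample config are assumptions constructed for the demo.

```python
import json
import re

# Constructed sample in claude_desktop_config style (not from the page).
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "files": {"command": "npx", "args": ["-y", "@example/files-mcp"]},
        "db": {"command": "sudo", "args": ["node", "server.js"],
               "env": {"DB_TOKEN": "sk-live-ABCDEF0123456789"}},
        "pinned": {"command": "npx", "args": ["-y", "@example/safe-mcp@1.4.2"]},
    }
})

# Assumed token-prefix patterns; a real scanner would use a larger rule set.
SECRET_RE = re.compile(r"(sk-live-|ghp_|AKIA)[A-Za-z0-9]{8,}")
PRIVILEGE_CMDS = {"sudo", "doas"}


def unpinned(args):
    """True if the first non-flag npx argument carries no @version suffix."""
    for a in args:
        if a.startswith("-"):
            continue
        # strip the scope marker so '@scope/name' is not mistaken for a pin
        name = a[1:] if a.startswith("@") else a
        return "@" not in name
    return False


def analyze_config(raw):
    """Return (server, severity, message) findings for a pasted config JSON."""
    cfg = json.loads(raw)
    servers = cfg.get("mcpServers")
    if servers is None and "command" in cfg:
        servers = {"(pasted)": cfg}  # bare single-server entry, as in step 01
    findings = []
    for name, srv in (servers or {}).items():
        cmd = srv.get("command", "")
        args = srv.get("args", [])
        if cmd in PRIVILEGE_CMDS:
            findings.append((name, "high", "server launched with elevated privileges"))
        if cmd == "npx" and unpinned(args):
            findings.append((name, "medium", "package version not pinned"))
        for key, val in srv.get("env", {}).items():
            if SECRET_RE.search(str(val)):
                findings.append((name, "critical", f"hardcoded secret in env {key}"))
    return findings


if __name__ == "__main__":
    for server, sev, msg in analyze_config(SAMPLE_CONFIG):
        print(f"{sev:8} {server:10} {msg}")
```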
Who this is for

Four audiences. Same problem.

If you install, audit, deploy, or publish MCP servers — this is for you.

DEVELOPERS · Individual devs
“I just installed 5 MCP servers for Claude Code. Are any of them dangerous?”
SECURITY · AppSec teams
“We need to audit every MCP server before production approval.”
DEVOPS · Platform eng
“We're rolling out MCP across the org. How do we enforce standards?”
BUILDERS · MCP authors
“I built an MCP server. Is it secure enough to publish?”
Compared to

Purpose-built beats generic.

DAST tools don't speak JSON-RPC 2.0. Manual review doesn't scale. We're the thing in the middle.

Feature               mcpscanner   Manual review   Generic DAST
MCP Protocol Native   yes          no              no
Tool Enumeration      yes          manual          no
Per-tool Injection    yes          manual          generic
Config Analysis       yes          manual          no
Auth Testing          yes          manual          partial
Score & Grade         yes          no              no
Speed                 seconds      hours           minutes
Free                  yes          yes             varies
API                   yes          no              some
Stop wondering

Know what your MCP servers actually expose.

Get in touch hello@mcpscanner.dev
For bugs, please open an issue on GitHub.