mcp-audit
mcp-audit is a Python CLI (and web app) that scans for Model Context Protocol (MCP) configurations across developer tools and GitHub repos, detecting potential exposures such as secrets (API keys/tokens/DB URLs), connected APIs/endpoints, configured AI models, and risk flags (e.g., shell/filesystem access). It can export reports in multiple formats (JSON, SARIF, CycloneDX, etc.) and can be used in CI to fail builds on critical findings.
Score Breakdown
🔒 Security
Security posture is evidenced only indirectly: the tool is designed to detect exposed secrets and emphasizes that the CLI runs locally with no telemetry, while the web app keeps the GitHub token in the browser (as claimed). However, the provided content does not describe how TLS is enforced for the web app, what credential fields are used for GitHub scanning, or how scan results handle or avoid logging sensitive data. Dependency hygiene cannot be validated from the provided snippet; only a minimal dependency list (Typer/Rich/Requests) is shown.
Best When
You need org-wide, pre-launch visibility into MCP configuration files (in repos and on developer machines) to identify risky connections/secrets and produce standardized security reports.
Avoid When
You require runtime guarantees, need to detect secrets that exist only in live process memory or remote secret managers, or need comprehensive coverage of custom/non-standard config locations without additional setup.
Use Cases
- Pre-deployment auditing of MCP configurations used by AI agents (local machines and repos).
- Secret and credential exposure detection in committed MCP config files (e.g., tokens/DB URLs).
- Inventorying external APIs and AI models referenced by agent tooling for compliance and review.
- Generating machine-consumable security artifacts (SARIF) for GitHub Security integration.
- Generating AI-BOMs (CycloneDX) to support supply-chain/compliance workflows.
Not For
- Discovering secrets that exist only at runtime in environment variables of running processes.
- Scanning encrypted/obfuscated secrets that evade pattern matching.
- Auditing dynamically generated MCP configs created only in memory at runtime.
- Coverage for MCP configs located in non-standard paths or fetched from secret managers/vaults (unless also present in files).
- Full assurance/guarantee of safety based solely on a static scan.
Interface
Authentication
No API auth is described for the CLI itself. The README claims a GitHub scan is limited by the PAT scope, implying that any GitHub API access would require user-provided GitHub credentials, but the specific auth mechanism (PAT env var, OAuth flow, etc.) is not documented in the provided content.
Pricing
Pricing details for any hosted web app are not provided; CLI usage is described as local and appears installable via pip.
Agent Metadata
Known Gotchas
- ⚠ The tool focuses on static config files; agents should not assume it will detect secrets that only exist at runtime.
- ⚠ GitHub scanning effectiveness depends on the PAT scope/credentials available to the scan.
- ⚠ Coverage gaps may occur for custom config locations, non-standard MCP config file paths, or configs sourced from secret managers.
Scores are editorial opinions as of 2026-03-30.