mcp-scan
mcp-scan is a locally-run CLI security scanner for Model Context Protocol (MCP) server configurations. It auto-detects configurations for multiple AI tool clients and performs checks such as secret exposure, prompt injection risk, supply-chain/package risk, data exfiltration indicators, and permission/transport issues. It can output JSON and integrate with GitHub Actions via SARIF.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Claims to run entirely locally with zero network requests and no account/sign-up. Since it is a security scanner, it will likely read local configs and may touch sensitive data; how it handles discovered secrets in logs and output cannot be verified from the provided README alone. No TLS/network details are provided because the tool is described as offline.
⚡ Reliability
Best When
When you need offline, local static/config security scanning of MCP server setups for multiple developer tools, and want CI integration for ongoing governance.
Avoid When
Avoid using it as your only control for environments requiring strong guarantees against active exfiltration; use additional sandboxing/egress controls and runtime monitoring.
Use Cases
- Scan a workstation/developer machine for MCP server configuration risks (secrets, prompt injection, supply chain).
- Run CI scans to fail builds based on severity thresholds and upload SARIF to GitHub Security.
- Generate SBOM outputs (CycloneDX/SPDX) for MCP-related dependencies.
- Validate organization-specific security policies via .mcp-scan-policy.yml.
- Produce privacy/compliance reports (mapping to common frameworks/controls).
Not For
- Acting as a runtime monitor of MCP behavior while tools are executing (roadmap mentions runtime monitoring as future).
- Validating correctness of MCP servers beyond static/config analysis.
- Security assurance for systems where you cannot trust the scanning environment (e.g., untrusted execution context).
Interface
Authentication
No authentication described; scanning is claimed to be local/offline.
Pricing
No pricing/paid tiers described; suggests local CLI usage (npx / npm package).
Agent Metadata
Known Gotchas
- ⚠ As a local CLI, it may rely on local filesystem/config paths and tool-specific locations; agents may need to run in the correct environment/working directory.
- ⚠ Static detection may produce false positives/negatives; policy thresholds should be tuned.
- ⚠ GitHub Action integration may depend on repository workflow permissions to upload SARIF.
Scores are editorial opinions as of 2026-03-30.