{"id":"cisco-ai-defense-mcp-scanner","name":"mcp-scanner","af_score":52.2,"security_score":61.2,"reliability_score":32.5,"what_it_does":"mcp-scanner is a Python tool/SDK/CLI that scans MCP servers and their exposed tools/prompts/resources/instructions for potential security issues. It supports multiple analysis engines (static YARA rules, an LLM-as-judge workflow, and Cisco AI Defense “inspect” API), plus offline JSON scanning, stdio/remote MCP connections, and optional VirusTotal-based malware detection via hash lookups.","best_when":"You need automated pre-deployment scanning for MCP components with configurable engines (YARA/LLM/Cisco AI Defense), including optional integration with external threat intelligence (VirusTotal) and/or supply-chain source scanning.","avoid_when":"You cannot use third-party services/models (Cisco AI Defense or LLM provider or VirusTotal) and want deterministic results; or you need strict guarantees that the scanner itself will not contact external endpoints (only relevant when optional analyzers are enabled).","last_evaluated":"2026-03-30T13:25:36.868381+00:00","has_mcp":false,"has_api":true,"auth_methods":["Cisco AI Defense API key (env: MCP_SCANNER_API_KEY) for API analyzer","Bearer token authentication for remote MCP servers (CLI/SDK parameters)","Custom HTTP headers (CLI: --header) for MCP gateway/remote servers","OAuth support (mentioned for SSE and streamable HTTP connections)"],"has_free_tier":false,"known_gotchas":["Multiple analyzers are optional; behavior and outputs depend on which external services/keys are configured (Cisco AI Defense, LLM provider, VirusTotal).","For remote MCP scans, credentials may be supplied as bearer token or via --header; the docs note custom headers override duplicate Authorization provided via bearer-token.","OAuth is supported for some transport types, but exact parameterization details are not visible in the provided excerpt.","VirusTotal scanning depends on API key presence and include/exclude rules; missing VT key disables malware scanning for hashes."],"error_quality":0.0}