{"id":"knostic-mcp-scanner","name":"MCP-Scanner","af_score":40.0,"security_score":36.0,"reliability_score":15.0,"what_it_does":"A Python command-line security research tool that uses the Shodan API to discover potentially exposed Model Context Protocol (MCP) servers, probes them over HTTP and Server-Sent Events (SSE), verifies MCP protocol compliance, enumerates available tools/capabilities, and writes JSON/CSV/log outputs.","best_when":"You have explicit authorization to test endpoints and you need automated discovery + basic protocol/tool enumeration over HTTP/SSE with Shodan-based targeting.","avoid_when":"You need a formal, stable API/SDK interface for embedding into other systems, or you need strong operational safety guarantees (the repo content does not document safety limits beyond basic concurrency/rate-limit guidance).","last_evaluated":"2026-03-30T15:26:09.050667+00:00","has_mcp":false,"has_api":false,"auth_methods":["Shodan API key via --api-key"],"has_free_tier":false,"known_gotchas":["This is a CLI scanning tool, not a stable machine-to-machine API—agents must run subprocesses and parse output files.","Shodan rate limits/quotas may apply; README urges respecting rate limits but does not provide detailed retry/backoff behavior.","Target enumeration uses many Shodan filters; agents may unintentionally generate large scanning workloads if not constrained."],"error_quality":0.0}