{"id":"manthanghasadiya-mcpsec","name":"mcpsec","homepage":null,"repo_url":"https://github.com/manthanghasadiya/mcpsec","category":"security","subcategories":[],"tags":["ai-ml","security","appsec","mcp","fuzzing","pentesting","ssrf","injection","cli","python"],"what_it_does":"mcpsec is a Python CLI toolchain for security scanning and fuzzing of MCP (Model Context Protocol) servers. It can scan MCP servers via stdio or HTTP, enumerate attack surface, run SAST-like checks (Semgrep rules), and perform runtime fuzzing/generation to find crashes and application-layer vulnerabilities (e.g., SSRF/path traversal/RCE-class indicators), with optional AI-assisted payload generation.","use_cases":["Assess security of MCP servers you own/have permission to test (runtime scanning, fuzzing, and REPL-style exploitation assistance)","Continuously evaluate MCP toolchains for injection/path/SSRF/DoS and related classes of vulnerabilities","Generate evidence (PoC/crash cases) and export results to JSON/SARIF for CI workflows","Static analysis of MCP codebases using Semgrep rules for common security issues and MCP-specific misconfigurations"],"not_for":["Testing MCP servers you do not own or lack explicit permission to test","Production exploitation against third parties or unauthorized red-team activity","Environments that cannot tolerate active probing (fuzzing can crash servers / create load)"],"best_when":"You are evaluating your own MCP server/tool ecosystem (including downstream IDE/agent integrations) and can run scans in a controlled/staging environment with safeguards.","avoid_when":"You cannot isolate network/file access for the target, cannot handle potential crashes/DoS from fuzzing, or cannot ensure legal/ethical authorization.","alternatives":["General-purpose fuzzers (e.g., AFL++, libFuzzer) adapted to your MCP transport/protocol harness","MCP-specific security testing using custom JSON-RPC/stdio harnesses and scripted test cases","SAST-only approaches using Semgrep/CodeQL tailored to your MCP implementation (without runtime exploitation attempts)"],"af_score":40.0,"security_score":42.5,"reliability_score":35.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:38:01.966212+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["Python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["HTTP Bearer token via -H/Authorization header for --http scans"],"oauth":false,"scopes":false,"notes":"The README indicates HTTP scanning with an Authorization: Bearer TOKEN header, but does not describe OAuth flows, scope granularity, or token lifecycle."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source (MIT) CLI; costs are compute/AI-provider usage if using --ai and a configured model provider."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":40.0,"security_score":42.5,"reliability_score":35.0,"mcp_server_quality":20.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":0.0,"tls_enforcement":70.0,"auth_strength":45.0,"scope_granularity":0.0,"dependency_hygiene":55.0,"secret_handling":45.0,"security_notes":"Tool is designed for offensive testing (fuzzing/exploitation assistance), so operational safety matters. Transport security for HTTP is not clearly specified (assumed HTTPS if using https://). Authentication support appears limited to passing a Bearer token header; scope/granularity and secure secret handling details are not described. Dependency hygiene cannot be verified from the provided manifest alone; listed deps look standard but no CVE review is provided.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":50.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"Not indicated; scanning/fuzzing is likely non-idempotent with respect to target state and may cause crashes.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Active fuzzing/scanning can crash or DoS the target MCP server.","HTTP scanning requires correctly formatted MCP endpoint/transport path and valid Authorization header if enabled on the target.","AI payload generation requires additional setup (mcpsec setup) and may be sensitive to provider/model configuration."]}}