{"id":"rodolfboctor-mcp-scan","name":"mcp-scan","homepage":"https://www.npmjs.com/package/mcp-scan","repo_url":"https://github.com/rodolfboctor/mcp-scan","category":"security","subcategories":[],"tags":["security","devtools","mcp","ai-security","supply-chain-security","secret-scanning","sast","sbom","sarif","github-actions","offline"],"what_it_does":"mcp-scan is a locally-run CLI security scanner for Model Context Protocol (MCP) server configurations. It auto-detects configurations for multiple AI tool clients and performs checks such as secret exposure, prompt injection risk, supply-chain/package risk, data exfiltration indicators, and permission/transport issues. It can output JSON and integrate with GitHub Actions via SARIF.","use_cases":["Scan a workstation/developer machine for MCP server configuration risks (secrets, prompt injection, supply chain).","Run CI scans to fail builds based on severity thresholds and upload SARIF to GitHub Security.","Generate SBOM outputs (CycloneDX/SPDX) for MCP-related dependencies.","Validate organization-specific security policies via .mcp-scan-policy.yml.","Produce privacy/compliance reports (mapping to common frameworks/controls)."],"not_for":["Acting as a runtime monitor of MCP behavior while tools are executing (roadmap mentions runtime monitoring as future).","Validating correctness of MCP servers beyond static/config analysis.","Security assurance for systems where you cannot trust the scanning environment (e.g., untrusted execution context)."],"best_when":"When you need offline, local static/config security scanning of MCP server setups for multiple developer tools, and want CI integration for ongoing governance.","avoid_when":"Avoid using it as your only control for environments requiring strong guarantees against active exfiltration; use additional sandboxing/egress controls and runtime monitoring.","alternatives":["npm audit / OSV-based dependency scanners","Semgrep/CodeQL for static secret and injection patterns","SBOM tools (CycloneDX/SPDX generators) and SCA tools (e.g., Snyk, Dependabot)","Custom internal policies + LLM/tooling for MCP configuration review","General-purpose IaC/config scanners (e.g., Trivy for certain artifacts, CodeQL for queries)"],"af_score":54.5,"security_score":75.5,"reliability_score":27.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:33:03.269878+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["None (local CLI)"],"oauth":false,"scopes":false,"notes":"No authentication described; scanning is claimed to be local/offline."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing/paid tiers described; suggests local CLI usage (npx / npm package)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":["SOC 2 (claimed mappings)","GDPR (claimed mappings)","HIPAA (claimed mappings)","PCI-DSS (claimed mappings)","NIST 800-53 (claimed mappings)"],"min_contract":null},"agent_readiness":{"af_score":54.5,"security_score":75.5,"reliability_score":27.5,"mcp_server_quality":0.0,"documentation_accuracy":60.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":100.0,"rate_limit_clarity":90.0,"tls_enforcement":100.0,"auth_strength":90.0,"scope_granularity":50.0,"dependency_hygiene":60.0,"secret_handling":70.0,"security_notes":"Claims to run entirely locally with zero network requests and no account/sign-up. Since it is a security scanner, it will likely read local configs and may touch sensitive data; actual handling of discovered secrets in logs/output is not verifiable from provided README alone. No details provided about TLS/network because it is described as offline.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":30.0,"error_recovery":25.0,"idempotency_support":"true","idempotency_notes":"CLI scanning and report generation are likely idempotent for a given filesystem state; no mutating API operations described.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["As a local CLI, it may rely on local filesystem/config paths and tool-specific locations; agents may need to run in the correct environment/working directory.","Static detection may produce false positives/negatives; policy thresholds should be tuned.","GitHub Action integration may depend on repository workflow permissions to upload SARIF."]}}