{"id":"sahiloj-mcpscan","name":"MCPScan","af_score":48.5,"security_score":30.2,"reliability_score":30.0,"what_it_does":"MCPScan (mcpscan) is a CLI tool that discovers and audits Model Context Protocol (MCP) servers/configs and checks for security issues such as tool poisoning, credential leakage, overprivileged capability combinations, missing authentication, session hijacking indicators, SSRF vectors, RCE vectors, and supply-chain/CVE-related risks. It supports scanning stdio MCP servers (spawned via a command), scanning HTTP/SSE MCP endpoints, and optionally probing localhost for exposed HTTP MCP servers; outputs include terminal, JSON, and SARIF.","best_when":"You need an automated, repeatable static/dynamic-ish inspection pass over MCP server configurations and endpoints, especially in CI where you can capture machine-readable findings (JSON/SARIF).","avoid_when":"You cannot run it safely in an environment where it may spawn/inspect local MCP servers or probe network endpoints; or where you need formal verification of vulnerabilities beyond heuristic/static checks.","last_evaluated":"2026-03-30T15:36:37.610265+00:00","has_mcp":false,"has_api":false,"auth_methods":["None specified (CLI tool)"],"has_free_tier":false,"known_gotchas":["Relies on local config discovery paths and may scan unintended MCP configs if --all-configs is used broadly","Running with --command spawns a stdio server (potential side effects depend on the spawned command/server)","Network probing (--network) can hit localhost ports and may require safe scanning contexts","Coverage depends on implemented checks and transport parsing (stdio vs HTTP/SSE); unsupported MCP server behaviors may result in incomplete findings"],"error_quality":0.0}