{"id":"trymightyai-mighty-security","name":"mighty-security","af_score":41.5,"security_score":38.2,"reliability_score":28.8,"what_it_does":"CLI/tooling to scan and analyze MCP servers for potentially malicious behavior (e.g., command injection, SSRF, credential/env leakage, path traversal). Includes an optional LLM mode (Cerebras) and mentions a web dashboard for monitoring/scans and exporting reports.","best_when":"You are evaluating third-party MCP servers you did not author, and you can run the scanner in an isolated environment (and optionally enable LLM analysis) before installation/deployment.","avoid_when":"You need strong guarantees of zero false positives or zero missed issues, or you cannot afford the risk of scanning untrusted code in an environment with any sensitive credentials/files.","last_evaluated":"2026-03-30T13:46:43.164952+00:00","has_mcp":false,"has_api":true,"auth_methods":[],"has_free_tier":false,"known_gotchas":["As a scanner, it may perform operations that can be risky with untrusted input; agents should run it in a sandbox and avoid sending sensitive data.","README suggests optional LLM analysis and a dashboard, but no stable programmatic API contract (schemas, endpoints, structured outputs) is described for agent integration.","Rate limiting is mentioned for local/GitHub scans, but there’s no documentation of headers, error codes, or retry guidance for API/automation flows."],"error_quality":0.0}