
MCP-Scan: An MCP Security Scanner
A security scanning tool for MCP servers
What is MCP-Scan?
MCP-Scan is a security scanning tool designed to check installed MCP servers for common security vulnerabilities such as prompt injections, tool poisoning, and cross-origin escalations.
How to use MCP-Scan?
To use MCP-Scan, run the command uvx mcp-scan@latest in your terminal to initiate the scanning process on your MCP server configurations.
Key features of MCP-Scan?
- Scans for prompt injection attacks in tool descriptions.
- Detects cross-origin escalation attacks.
- Pins tools to prevent MCP rug pull attacks.
- Inspects the tool descriptions of installed tools.
Use cases of MCP-Scan?
- Identifying security vulnerabilities in MCP server configurations.
- Ensuring the integrity of tools used in MCP environments.
- Preventing potential security breaches through proactive scanning.
FAQ from MCP-Scan?
- What types of vulnerabilities does MCP-Scan check for?
MCP-Scan checks for prompt injections, tool poisoning, and cross-origin escalations.
- Is my data safe when using MCP-Scan?
Yes, MCP-Scan does not store or log any usage data, ensuring your configurations remain private.
- How can I contribute to MCP-Scan?
Contributions are welcome! You can open an issue on the GitHub repository for suggestions or bug reports.