Garak-MCP
by EdenYavin
Overview
Provides an MCP interface for Garak to perform LLM vulnerability scanning and report generation.
Installation
Run the server from a local checkout with uv:

    uv --directory path-to/Garak-MCP run garak-server

Environment Variables
- OPENAI_API_KEY
- OPENAI_MODELS
- HUGGINGFACE_API_KEY
- HUGGINGFACE_MODELS
- GGML_MODELS
Security Notes
The server uses `subprocess.Popen` to run `garak` with user-supplied arguments (`model_name`, `probe_name`). Passing the command as a list of strings (`command: list[str]`) means no shell parses the arguments, which rules out classic shell injection, but it does not sanitise what `garak` itself sees: a value that begins with `-` can be read by garak's argument parser as an option rather than a value, and a probe or model name chosen by an attacker who controls the MCP client could still exercise weaknesses in `garak`'s CLI parsing or trigger long-running, resource-heavy scans. Validating both values against an allowlist and enforcing a timeout on the child process are the usual mitigations. The server speaks MCP over `stdio` and is not exposed as a network service, so the attack surface is limited to whatever can drive the local client. API keys are read from environment variables rather than hard-coded. Output from the `garak` process is captured and printed back to the client, which can expose sensitive information if a probe generates it; redacting known secret values before returning output is worth considering.
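The following is an added example of the hardening described above, not code from Garak-MCP itself. It shows a wrapper that builds the `garak` argv list only from allowlisted model types and pattern-checked model and probe names (so a value such as `--probes` can never reach garak's option parser), runs the child with a timeout, and redacts the API-key values named in the environment variables above from the captured output. The flag names (`--model_type`, `--model_name`, `--probes`) follow garak's own CLI; the allowlist, regexes, limits and helper names are assumptions made for this example.

```python
import os
import re
import subprocess
from typing import Mapping, Optional

# Assumed allowlist for this example; the real server's accepted model
# types are not documented on the page.
ALLOWED_MODEL_TYPES = {"openai", "huggingface", "ggml"}

# Probe specs look like "encoding" or "encoding.InjectBase64"; garak's
# --probes flag takes a comma-separated list of them.
PROBE_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]*(\.[A-Za-z][A-Za-z0-9_]*)?$")

# Model names such as "gpt-4o-mini", "meta-llama/Llama-2-7b-chat-hf" or a
# local GGUF path. The first character may not be '-', which is what keeps
# a user value from being parsed as a CLI option.
MODEL_NAME_RE = re.compile(r"^[A-Za-z0-9/][A-Za-z0-9._/:\-]{0,199}$")

MAX_PROBES = 10                      # assumed cap against resource exhaustion
SECRET_ENV_VARS = ("OPENAI_API_KEY", "HUGGINGFACE_API_KEY")


def validate_probe_spec(probe_spec: str) -> list[str]:
    """Split a comma-separated probe spec and reject anything malformed."""
    probes = [p.strip() for p in probe_spec.split(",") if p.strip()]
    if not probes:
        raise ValueError("no probes given")
    if len(probes) > MAX_PROBES:
        raise ValueError(f"too many probes ({len(probes)} > {MAX_PROBES})")
    for probe in probes:
        if not PROBE_RE.match(probe):
            raise ValueError(f"invalid probe name: {probe!r}")
    return probes


def build_garak_argv(model_type: str, model_name: str, probe_spec: str) -> list[str]:
    """Return the argv list for garak, or raise ValueError on unsafe input.

    The list form already prevents shell interpretation; the checks here
    close the remaining gap, where garak itself interprets the strings.
    """
    if model_type not in ALLOWED_MODEL_TYPES:
        raise ValueError(f"model_type not allowed: {model_type!r}")
    if not MODEL_NAME_RE.match(model_name):
        raise ValueError(f"invalid model_name: {model_name!r}")
    probes = validate_probe_spec(probe_spec)
    return ["garak", "--model_type", model_type,
            "--model_name", model_name, "--probes", ",".join(probes)]


def is_safe_invocation(model_type: str, model_name: str, probe_spec: str) -> bool:
    """Convenience predicate: True if build_garak_argv would accept the input."""
    try:
        build_garak_argv(model_type, model_name, probe_spec)
        return True
    except ValueError:
        return False


def redact_secrets(text: str, env: Optional[Mapping[str, str]] = None) -> str:
    """Replace the literal value of each known secret env var in captured output."""
    env = os.environ if env is None else env
    for var in SECRET_ENV_VARS:
        value = env.get(var)
        if value and len(value) >= 8:          # skip empty/placeholder values
            text = text.replace(value, f"<{var} redacted>")
    return text


def run_garak(model_type: str, model_name: str, probe_spec: str,
              timeout_s: int = 900) -> tuple[int, str]:
    """Run garak with validated arguments, a wall-clock limit and redacted output."""
    argv = build_garak_argv(model_type, model_name, probe_spec)
    try:
        proc = subprocess.run(argv, capture_output=True, text=True,
                              timeout=timeout_s, check=False)
    except subprocess.TimeoutExpired:
        # subprocess.run kills the child before raising; report it instead of hanging
        return -1, f"garak exceeded {timeout_s}s and was terminated"
    return proc.returncode, redact_secrets(proc.stdout + proc.stderr)


if __name__ == "__main__":
    print(build_garak_argv("openai", "gpt-4o-mini", "encoding"))
    # Constructed attacker-style values: rejected before any process starts.
    for bad in ("--probes", "-h", "x; rm -rf /"):
        print(bad, "->", is_safe_invocation("openai", bad, "encoding"))
```

`run_garak` still needs a working garak installation and a reachable model; the validation and redaction helpers can be exercised on their own, which is how they would be unit-tested in a server that adopted this pattern.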
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
Mcpwn
Automated security testing framework for Model Context Protocol (MCP) servers, detecting RCE, path traversal, prompt injection, and protocol vulnerabilities.