pentesting-mcp-servers-checklist
Verified Safe
by appsecco
Overview
This project provides a practical, community-driven checklist for pentesting Model Context Protocol (MCP) servers, guiding security testers through potential vulnerabilities in AI agent execution layers.
Installation
No command provided
Security Notes
The provided source code consists solely of documentation files (Markdown). This project is a security checklist designed to help identify vulnerabilities in Model Context Protocol (MCP) servers. The project itself does not contain executable code, and therefore does not pose runtime security risks such as 'eval' usage, obfuscation, network vulnerabilities, or hardcoded secrets. Its content explicitly warns about dangerous functions and insecure practices in MCP servers, making it a valuable security resource.
Similar Servers
awesome-mcp-security
This repository serves as a curated list of resources, including papers, videos, articles, tools, and servers, focusing on Model Context Protocol (MCP) security.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
modelcontextprotocol-security.io
Provides comprehensive security guidance, best practices, and resources for hardening Model Context Protocol (MCP) deployments and AI agents.