mcp-scanner
Verified Safe by cisco-ai-defense
Overview
A Python tool for scanning Model Context Protocol (MCP) servers and tools to detect potential security findings by leveraging the Cisco AI Defense API, YARA rules, and LLM-as-a-judge.
Installation
mcp-scanner-api --host 0.0.0.0 --port 8080
Environment Variables
- MCP_SCANNER_API_KEY
- MCP_SCANNER_ENDPOINT
- MCP_SCANNER_LLM_API_KEY
- MCP_SCANNER_LLM_MODEL
- MCP_SCANNER_LLM_BASE_URL
- MCP_SCANNER_LLM_API_VERSION
- MCP_SCANNER_LLM_TIMEOUT
- AWS_REGION
- AWS_PROFILE
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_SESSION_TOKEN
- MCP_SCANNER_YARA_RULES_DIR
- MCP_SCANNER_OAUTH_CLIENT_ID
- MCP_SCANNER_OAUTH_CLIENT_SECRET
- MCP_SCANNER_OAUTH_REDIRECT_URI
Security Notes
The server demonstrates good security practices such as using environment variables for API keys, employing Pydantic's SecretStr for sensitive data, and explicit authentication controls. The LLM analyzer uses random delimiters to mitigate prompt injection. The `stdio` server interaction carefully normalizes and validates commands using `shutil.which` and `shlex.split` before execution, which is a strong mitigation for command injection in that context. However, any interaction with external processes, especially in `stdio` mode, inherently carries risk and requires trust in the executed command. The project's documentation explicitly covers security policies and vulnerability disclosure.
Similar Servers
mcp-interviewer
A Python CLI tool designed to evaluate, test, and generate reports on Model Context Protocol (MCP) servers to ensure compatibility and quality for LLM agent use cases.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in MCP implementations.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
cml-mcp
The cml-mcp server acts as an interface for LLM applications to interact with Cisco Modeling Labs (CML), enabling creation and management of network topologies and devices.