mcp-watch
Verified Safeby kapilduraphe
Overview
A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.
Installation
mcp-watch scan https://github.com/user/mcp-serverSecurity Notes
The scanner uses `git clone` to fetch external repositories into a temporary directory. While `spawnSync` with an array of arguments for `git clone` reduces direct shell injection risks into the Git command itself, there's always an inherent, albeit low, risk when executing code from untrusted sources, even in a sandboxed environment. The tool is designed to *detect* dangerous patterns like command injection within the scanned code, not *introduce* them into its own operation. Evidence sanitization is implemented to prevent credential leakage in reports.
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-audit
Security audit and governance for AI agent configurations (MCPs) in development environments and GitHub repositories.
mcp-security-scanner
A Python-based penetration testing tool designed to scan and identify vulnerabilities in Model Context Protocol (MCP) servers.
Mcpwn
Automated security testing framework for Model Context Protocol (MCP) servers, detecting RCE, path traversal, prompt injection, and protocol vulnerabilities.