cebus-mcp-scanner
Verified Safe by security-tools-monkey
Overview
A Python CLI tool for static and config-based security scanning of MCP (Model Context Protocol) servers and tools, highlighting risky patterns for local or multi-tenant deployments.
Installation
mcp-scanner scan --path /path/to/mcp/project
Security Notes
The project is a static security scanner designed to analyze source code without executing it. It utilizes standard and safe parsing libraries (Python's `ast` module, `json`, `yaml.safe_load`, `tomllib`) and explicitly handles parsing errors, creating minimal ASTs for malformed files. There are no direct usages of dangerous functions like `eval()` or arbitrary command execution within the scanner's own logic. While it identifies potentially dangerous patterns (e.g., shell execution, dynamic HTTP calls, file access) in the *scanned project's code*, it does not itself exhibit these behaviors. The tool's design prioritizes safety for integration into CI/CD pipelines.
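As an added illustration of the AST-based approach the notes describe (example code, not the project's own), a minimal scanner that parses a file without executing it, falls back to an empty module on a syntax error so the scan continues, and reports shell, HTTP and file-access call sites; the RISKY_CALLS table and the sample module are constructed for this example and are not the tool's real rule set.

```python
import ast
# Constructed call-name table for illustration; the real scanner's rule set is not shown on the page.
RISKY_CALLS = {
    "shell": {"os.system", "os.popen", "subprocess.run", "subprocess.call", "subprocess.Popen"},
    "dynamic_http": {"requests.get", "requests.post", "urllib.request.urlopen", "httpx.get"},
    "file_access": {"open", "os.remove", "shutil.rmtree"},
}

def _dotted_name(node):
    """'subprocess.run' for a Name/Attribute chain, None for anything else (e.g. a call on a call result)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def parse_or_empty(source, filename="<string>"):
    """Parse without executing; a malformed file yields an empty Module plus the error so the scan continues."""
    try:
        return ast.parse(source, filename=filename), None
    except SyntaxError as exc:
        return ast.Module(body=[], type_ignores=[]), f"{filename}:{exc.lineno}: {exc.msg}"

def scan_source(source, filename="<string>"):
    """Return the risky call sites in one Python file, each tagged with its category and line."""
    tree, parse_error = parse_or_empty(source, filename)
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        for category, names in RISKY_CALLS.items():
            if name in names:
                # shell=True is what lets tool arguments become a command line, so record it separately
                shell_true = any(kw.arg == "shell" and getattr(kw.value, "value", None) is True
                                 for kw in node.keywords)
                findings.append({"file": filename, "line": node.lineno, "category": category,
                                 "call": name, "shell_true": shell_true})
    return {"findings": sorted(findings, key=lambda f: f["line"]), "parse_error": parse_error}
# Constructed sample tool module exhibiting the three pattern classes the notes mention.
SAMPLE = '''import subprocess, requests
def run_tool(cmd):
    return subprocess.run(cmd, shell=True)
def fetch(url):
    return requests.get(url).text
def read(p):
    return open(p).read()
'''
```

Calling `scan_source(SAMPLE, "tool.py")` reports the `subprocess.run` call with `shell_true` set, the `requests.get` call and the `open` call, each with its line number; a file that fails to parse produces no findings but a non-empty `parse_error`.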
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-interviewer
A Python CLI tool to evaluate Model Context Protocol (MCP) servers for agentic use-cases, by inspecting capabilities, running functional tests, and providing LLM-as-a-judge evaluations.
mcp-watch
A comprehensive security scanner for Model Context Protocol (MCP) servers, detecting various vulnerabilities in their implementations.