Introducing MCPScan: The First Local-First Security Scanner for MCP Servers
Your AI agents are only as secure as the tools they call. MCPScan helps you find out how secure that actually is.
The Problem No One's Talking About
The Model Context Protocol (MCP) is everywhere. In the last year, over 8,500 MCP servers have appeared across registries, GitHub, and npm — giving AI agents the ability to read files, query databases, execute code, manage infrastructure, and interact with dozens of third-party APIs.
Here's what hasn't kept pace: security tooling.
Most MCP servers ship with no security review. No input validation on tool parameters. No authentication on transport layers. No sandboxing of execution environments. Developers install them with npx or uvx, wire them into Claude Desktop or their agent framework of choice, and move on.
This isn't a theoretical risk. In May 2025, Microsoft disclosed CVE-2025-29813 — a critical vulnerability in Azure's MCP integration that allowed remote code execution through malicious tool definitions. The attack surface is real, it's growing, and until now, there's been nothing purpose-built to scan for it.
Today, we're changing that.
What MCPScan Does
MCPScan is an open-source, local-first security scanner for MCP servers. It analyses MCP server configurations and tool definitions to identify vulnerabilities before they reach production.
It runs entirely on your machine. No data leaves your environment. No cloud accounts, no API keys, no telemetry.
Core Capabilities
Configuration Analysis — MCPScan inspects your MCP server configurations and flags insecure defaults, overly permissive tool definitions, and missing authentication.
Tool Definition Scanning — Every MCP tool exposes a JSON schema describing its inputs. MCPScan analyses these schemas for injection vectors, unsafe parameter types, and missing validation constraints.
Transport Security Review — MCP supports multiple transport layers (stdio, SSE, streamable HTTP). MCPScan checks for unencrypted transports, missing authentication headers, and CORS misconfigurations.
OWASP LLM Top 10 Mapping — Every finding maps to the OWASP Top 10 for LLM Applications, giving security teams a familiar framework for triaging and reporting.
CI/CD Integration — MCPScan outputs structured JSON, making it straightforward to integrate into GitHub Actions, GitLab CI, or any pipeline.
Why Local-First Matters
Most security scanners phone home. They upload your configurations, your tool definitions, your API schemas to a cloud service for analysis. For MCP servers — which often contain database connection strings, API keys, and internal service URLs — that's a non-starter.
MCPScan runs entirely locally. Your configurations never leave your machine. This isn't just a privacy feature — it's a security requirement.
Getting Started
Install MCPScan:
pip install mcpscanScan a specific MCP configuration:
mcpscan scan --config ~/.config/claude/claude_desktop_config.jsonScan with JSON output for CI/CD:
mcpscan scan --config mcp.json --format json --output results.jsonWho It's For
- •Developers building or installing MCP servers who want to ship secure defaults
- •Security teams assessing the risk of AI agent deployments across their organisation
- •Platform engineers integrating MCP into internal toolchains and needing CI/CD gates
- •Anyone who's installed an MCP server and wondered, "should I be worried about this?"
What's Next
MCPScan is just the beginning. Here's what's on the roadmap:
- •Dynamic analysis — runtime monitoring of tool calls and permission boundaries
- •MCP registry scanning — bulk analysis of public MCP server registries
- •Policy engine — define organisational rules for acceptable MCP configurations
- •VS Code / IDE integration — scan as you configure, not after you deploy
- •Community rules — contribute and share detection rules for emerging threats
Get Involved
MCPScan is open source and MIT licensed.
Star the repo, try it on your configs, and open issues for anything we've missed. If you're building MCP servers or deploying AI agents, your feedback shapes what we build next.
The MCP ecosystem is moving fast. Security tooling needs to move faster. MCPScan is our contribution to making that happen.
Next steps
Concerned about your AI agent security?
We help organisations assess and secure their AI agent deployments. Get in touch for a free initial consultation.
Get in touch