MCPScan

Your MCP servers
are wide open.

The first dedicated security scanner for Model Context Protocol servers. 8,500+ MCP servers deployed. Zero dedicated scanning tools โ€” until now.

Azure's own MCP server had a critical SSRF vulnerability. If Microsoft can't get it right, what's hiding in yours?

MCP is
everywhere.
Security
isn't.

๐ŸŽฏ

SSRF vulnerabilities

MCP tools tricked into making requests to internal services

๐Ÿ’‰

Prompt injection via tool results

Malicious data returned through tools hijacks agent behaviour

๐Ÿ”‘

Excessive permissions

MCP servers running with far more access than they need

๐Ÿšช

No authentication

Many MCP servers lack proper auth, exposing tools to anyone

๐Ÿ“ค

Data exfiltration paths

Tool chains exploited to leak sensitive data externally

๐Ÿ“ฆ

Supply chain risks

Community MCP servers running untrusted code with privileged access

What it does.

๐Ÿ”

Static Analysis

  • โ€”Scan mcp.json / server configurations for misconfigurations
  • โ€”Detect overly permissive tool definitions
  • โ€”Identify tools with dangerous capabilities (file system, network, shell)
  • โ€”Flag missing authentication and authorisation
๐Ÿงช

Dynamic Testing

  • โ€”SSRF probe testing across all tool endpoints
  • โ€”Prompt injection resilience testing via tool inputs
  • โ€”Permission boundary testing
  • โ€”Data exfiltration path detection
  • โ€”Authentication bypass attempts
๐Ÿ“Š

Compliance Reporting

  • โ€”OWASP Top 10 for LLM Applications mapping
  • โ€”Risk severity scoring (Critical / High / Medium / Low)
  • โ€”Remediation guidance with code examples
  • โ€”Exportable PDF and JSON reports
๐Ÿ”„

Continuous Monitoring

  • โ€”Scheduled scanning (daily / weekly / on-deploy)
  • โ€”CI/CD pipeline integration
  • โ€”Alerting on new vulnerabilities or config drift
  • โ€”MCP server inventory and asset management

How it works.

terminal

$ mcpscan scan --config ./mcp.json

Scanning MCP server configuration...

โœ“ 12 tools scanned

โœ“ 3 SSRF vectors tested

โœ“ Permission boundaries validated

Results:

๐Ÿ”ด CRITICAL: SSRF in database_query tool

๐ŸŸก MEDIUM: No auth on file_read tool

๐ŸŸข LOW: Verbose error messages in API tool

Report saved to ./mcpscan-report.json

CI/CD Integration

Works with GitHub Actions, GitLab CI, Jenkins, Azure DevOps, CircleCI, and any CI/CD via CLI.

.github/workflows/security.yml

- name:

MCPScan Security Check

uses:

mcpscan/action@v1

with:

config: ./mcp.json

severity-threshold: high

fail-on-findings: true

Who it's for.

๐Ÿ—๏ธ

Platform Teams

Deploying MCP servers for AI agents? Know they're secure before they hit production.

๐Ÿ”’

Security Teams

Asked to approve MCP adoption? Get visibility into what these servers can do and what risks they introduce.

๐Ÿ‘ฉโ€๐Ÿ’ป

Developers

Building MCP tools? Ship secure code without becoming a security expert.

๐Ÿข

Compliance Teams

Auditors asking about AI agent security? Get evidence that MCP tools are assessed and monitored.

8,500+

MCP servers in the wild

0

Dedicated MCP scanners before MCPScan

3+

CVEs already disclosed in major MCP servers

Pricing

14-day free trial on all paid plans. No credit card required for Free tier.

Free

For individual developers and open-source projects

ยฃ0/month
  • โœ“Up to 3 MCP servers
  • โœ“Static analysis only
  • โœ“Basic vulnerability report
  • โœ“Community support
  • โœ“10 scans/month
Most Popular

Pro

For teams building with MCP

ยฃ49/month
  • โœ“Up to 25 MCP servers
  • โœ“Static + dynamic analysis
  • โœ“Full reports with remediation
  • โœ“CI/CD integration
  • โœ“Weekly scheduled scans
  • โœ“Priority email support

Business

For production MCP deployments

ยฃ199/month
  • โœ“Unlimited MCP servers
  • โœ“Static + dynamic + continuous
  • โœ“OWASP LLM Top 10 reporting
  • โœ“Custom scanning policies
  • โœ“API access for automation
  • โœ“SSO and team management
  • โœ“24-hour response SLA

Enterprise

For regulated industries

Custom
  • โœ“Everything in Business
  • โœ“On-premise / private cloud
  • โœ“Custom compliance frameworks
  • โœ“Dedicated security engineer
  • โœ“SIEM/SOAR integration
  • โœ“4-hour response SLA

FAQ

What MCP server implementations do you support?

MCPScan works with any MCP-compliant server โ€” TypeScript SDK, Python SDK, custom implementations. If it speaks MCP, we can scan it.

Does scanning affect my production MCP servers?

Static analysis is completely passive. Dynamic testing sends controlled test payloads โ€” we recommend running against staging environments first. All test payloads are safe and non-destructive.

How is this different from a regular vulnerability scanner?

Traditional scanners don't understand the MCP protocol or AI-specific attack vectors like prompt injection via tools. MCPScan is purpose-built for MCP's unique threat model.

Can I scan third-party MCP servers before installing them?

Yes โ€” this is one of our most popular use cases. Point MCPScan at a server's source code or configuration before deploying it. Think of it as a security gate for your MCP supply chain.

Do you offer an on-premise version?

Yes, on our Enterprise plan. MCPScan can run entirely within your network for organisations with strict data residency requirements.

Don't wait for your first MCP breach.

Scan your MCP servers for free. No credit card. No sales call. Just answers.