#scanner

Security scanner for MCP servers. Scores any server against the AgentsID trust framework live scan via npx or lookup pre-scanned results from the public registry of 15,983 servers. Returns trust score (0–100), grade (A–F), and findings across injection, permissions, validation, and auth categories.

A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface.

MCP Server for using Garak LLM vulnerability scanner

MCP server for scanning local code and localhost URLs

Asterisk Model Context Protocol (MCP) server.

Fight AI with AI. 6 adversarial AI agents debate crypto token risk before your agent trades. Rug-pull detection, security audits, consensus scoring. Supports Solana, Ethereum, Base, BSC. Free tier available.

The only MCP server that gates skill installation behind a full security scan. 60+ threat patterns, 13 MCP tools, and support for 7 clients including Claude Code, Cursor, Windsurf, and GitHub Copilot. Features AI-powered search, cloud sync, and startup verification with SHA-256 content hashing.

detect exposed mcp servers over the internet and enumerate their tools

Mcp services by marshal

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations.

Scan any website for AI agent readiness — payment protocols (x402, MPP, SPT, L402), MCP servers, OpenAPI specs, llms.txt, plugins, and more. Returns scored reports with 80+ checks.

Open-source AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server. 47 checks across 15 AWS services. Every finding includes copy-paste remediation (CLI + Terraform) and a dollar-risk estimate with verified source. First free standalone AWS security MCP server - Prowler and Wiz require paid SaaS.

Detect live website vulnerabilities and security flaws in GitHub repositories using automated DAST and SAST scanning. Safeguard applications by identifying exposed secrets, insecure dependencies, and common code patterns prone to exploitation. Receive structured fix plans with precise code remediation steps to resolve identified risks and improve security posture.

Scan MCP servers for security risks before your AI agent trusts them. Detects prompt injection, supply chain attacks (including the LiteLLM 1.82.7/1.82.8 backdoor), excessive permissions, arbitrary code execution, typosquatting, and tool shadowing. Add to your .mcp.json and let your agent audit its own tools with tooltrust_scan_config.

Connect AI agents to real-time crypto market scanning on Binance Futures. Create scans with CEL rules (e.g., rsi_14 < 30 && volume_quote > 100000), run them across all pairs, read alert events, and get explanations for why alerts fired or didn't. 9 tools, MIT license, works via npx @tickory/mcp.

Security intelligence MCP server with 29 tools. Domain recon + one-shot audit, CVE/EPSS/KEV lookup (340K+ CVEs), IP threat reports (AbuseIPDB + Shodan + ASN), bulk CVE/IOC lookups, IOC enrichment, SSL/email security scoring, code security scanning. Free tier 100 credits/hour, no API key required. 15+ GitHub stars, VS Code Marketplace extension, npm SDK, Smithery 98/100.

Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.