MCP Scanner
A Python tool for scanning MCP (Model Context Protocol) servers and tools for potential security vulnerabilities. The MCP Scanner combines Cisco AI Defense inspect API, YARA rules and LLM-as-a-judge to detect malicious MCP tools.
Overview
The MCP Scanner provides a comprehensive solution for scanning MCP servers and tools for security vulnerabilities. It leverages three powerful scanning engines (Yara, LLM-as-judge, Cisco AI Defense) that can be used together or independently.
The SDK is designed to be easy to use while providing powerful scanning capabilities, flexible authentication options, and customization.
Features
Multiple Modes: Run scanner as a stand-alone CLI tool or REST API server
Run scanner as a stand-alone CLI tool or REST API server Multi-Engine Security Analysis : Use all three scanning engines together or independently based on your needs.
: Use all three scanning engines together or independently based on your needs. Comprehensive Scanning : Scan MCP tools, prompts, and resources for security vulnerabilities
: Scan MCP tools, prompts, and resources for security vulnerabilities Explicit Authentication Control : Fine-grained control over authentication with explicit Auth parameters.
... continue reading