Key Features
- Scans Model Context Protocol (MCP) servers across stdio, HTTP, and SSE transports.
- Detects 8 vulnerability categories including tool poisoning (Unicode/RTL overrides), RCE vectors, and SSRF.
- Automated discovery of MCP configuration files for Claude Desktop, Cursor, and other AI clients.
- Identifies credential leaks in tool metadata (AWS keys, Anthropic/OpenAI tokens, JWTs, and DB strings).
- Supports terminal, JSON, and SARIF 2.1.0 output formats for CI/CD integration and GitHub Code Scanning.
- Severity-based filtering and network sweeping for unauthenticated servers exposed on localhost.
Use Cases
- Auditing third-party MCP tools for malicious behavior before integration into enterprise AI agent workflows.
- Red teamers identifying remote command execution or data exfiltration paths in developer environments.
- Pentesters sweeping internal networks for unauthenticated MCP servers exposed on 0.0.0.0.
- Validating supply chain security for MCP modules and checking against known CVEs like CVE-2025-6514.
