MCP Scanner
Documentation

MCP Scanner is a free security scanner for Model Context Protocol servers. It analyzes GitHub repositories for 122 vulnerability patterns across 15 categories, maps findings to the OWASP MCP Top 10 with CWE references, and exports SARIF, JSON, and OWASP compliance reports.

Quick Start

Scan any public GitHub repository with a single API call:

Terminal
curl https://mcpscanner.cloud/api/v1/score/modelcontextprotocol/servers

Or use the web interface — paste a GitHub URL and get results in seconds.

Source Code Scan

Submit a GitHub repository URL to scan its source code.

POST /api/scan
{
  "repoUrl": "https://github.com/owner/repo"
}

// Response: { "id": "scan_abc123", "status": "pending" }

Poll GET /api/scan/:scanId for results. Scans typically complete in 5–15 seconds.
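The submit-then-poll sequence above, written out as a small client. This is an added example and not the project's own client code; it assumes only what the page documents (POST /api/scan with a repoUrl, GET /api/scan/:scanId, and a "pending" status) and treats any other status as final, since the page does not list the terminal statuses. The hostname is the one used in the Quick Start.

```python
import json
import time
import urllib.request

BASE_URL = "https://mcpscanner.cloud"   # host from the page's Quick Start


def _request_json(method, path, body=None, token=None):
    """One JSON round trip with the standard library (no third-party deps)."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(BASE_URL + path, data=data, method=method)
    req.add_header("Accept", "application/json")
    if data is not None:
        req.add_header("Content-Type", "application/json")
    if token:   # optional Bearer token, as the score endpoint documents
        req.add_header("Authorization", f"Bearer {token}")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def submit_scan(repo_url, token=None):
    """POST /api/scan and return the scan id from {"id": ..., "status": "pending"}."""
    if not repo_url.startswith("https://github.com/"):
        raise ValueError("MCP Scanner takes GitHub repository URLs")
    return _request_json("POST", "/api/scan", {"repoUrl": repo_url}, token)["id"]


def is_pending(result):
    """The page documents only the "pending" status; anything else is treated as final."""
    return result.get("status") == "pending"


def poll_scan(scan_id, fetch=None, sleep=time.sleep, clock=time.monotonic,
              timeout_s=120.0, interval_s=3.0):
    """GET /api/scan/:scanId until the status is no longer "pending".

    fetch/sleep/clock are injectable so the loop can be exercised offline.
    Returns (final_result, attempts); raises TimeoutError once the deadline passes.
    """
    if fetch is None:
        fetch = lambda sid: _request_json("GET", f"/api/scan/{sid}")
    deadline = clock() + timeout_s
    delay, attempts = interval_s, 0
    while True:
        attempts += 1
        result = fetch(scan_id)
        if not is_pending(result):
            return result, attempts
        if clock() >= deadline:
            raise TimeoutError(f"scan {scan_id} still pending after {timeout_s:.0f}s")
        sleep(delay)
        delay = min(delay * 1.5, 15.0)   # back off gently; scans usually take 5-15 s


if __name__ == "__main__":
    import sys
    scan_id = submit_scan(sys.argv[1])
    final, n = poll_scan(scan_id)
    print(f"scan {scan_id} finished after {n} poll(s): {json.dumps(final, indent=2)}")
```

Run it as `python scan_client.py https://github.com/owner/repo`. The poll loop keeps a hard deadline rather than a fixed attempt count so a stuck scan cannot hang a CI job, and the growing delay keeps a bulk caller inside the 30-scans-per-hour rate limit documented further down.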

Config Scanner

Scan MCP client configuration files for hardcoded secrets, dangerous commands, and insecure settings. No GitHub repo required.

POST /api/scan/config
{
  "config": "{ \"mcpServers\": { ... } }"
}

Or use the web interface to paste your config.
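To show the kind of defects the config scanner looks for, here is an added local pre-check over an MCP client config in the usual `mcpServers` layout (server entries with `command`, `args`, `env` or `url`). It is illustrative code written for this page, not the service's rule set; the sample config, server names, package names and token value are constructed, and the four checks (literal secrets in `env`, a shell interpreter given a command string, an unpinned package runner, and a plaintext `http://` endpoint) are this example's own approximations of the categories the page names.

```python
import json
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample in the usual MCP client layout ({"mcpServers": {...}}); the server
# names, package names and the token value are made up for this example.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "issues": {
            "command": "npx",
            "args": ["-y", "@example/mcp-issues-server"],
            "env": {"ISSUES_API_TOKEN": "tok_" + "x" * 32},
        },
        "helper": {"command": "/bin/bash", "args": ["-c", "./start-helper.sh --port 8123"]},
        "remote": {"url": "http://mcp.example.invalid/sse"},
        "pinned": {
            "command": "uvx",
            "args": ["example-mcp-fetch==0.6.2"],
            "env": {"FETCH_API_KEY": "${FETCH_API_KEY}"},
        },
    }
})


@dataclass(frozen=True)
class Finding:
    server: str
    severity: str      # critical | high | medium | low
    category: str
    detail: str


SECRET_NAME_RE = re.compile(r"TOKEN|SECRET|PASSW(OR)?D|API_?KEY|PRIVATE_KEY", re.I)
# Values that only reference a variable, or are obvious placeholders, are acceptable.
PLACEHOLDER_RE = re.compile(r"^\$\{?[A-Za-z_][A-Za-z0-9_]*\}?$|^<[^>]*>$|^$")
SHELL_INTERPRETERS = {"sh", "bash", "zsh", "dash", "cmd", "cmd.exe", "powershell", "pwsh"}
SHELL_STRING_FLAGS = {"-c", "/c", "-Command", "-EncodedCommand"}
PACKAGE_RUNNERS = {"npx", "uvx", "pipx"}
PINNED_RE = re.compile(r"@\d|==\d")   # name@1.2.3 (npm) or name==1.2.3 (pip)


def check_config(config_text):
    """Return the findings a local pre-check would raise for one MCP client config."""
    servers = json.loads(config_text).get("mcpServers", {})
    findings = []
    for name, spec in servers.items():
        command = str(spec.get("command", ""))
        base = command.replace("\\", "/").rsplit("/", 1)[-1].lower()
        args = [str(a) for a in spec.get("args", []) or []]
        env = spec.get("env") or {}

        for key, value in env.items():
            if SECRET_NAME_RE.search(key) and not PLACEHOLDER_RE.match(str(value)):
                findings.append(Finding(name, "critical", "hardcoded-secret",
                                        f"env {key} holds a literal secret; reference a variable instead"))
        if base in SHELL_INTERPRETERS and any(a in SHELL_STRING_FLAGS for a in args):
            findings.append(Finding(name, "high", "dangerous-command",
                                    f"{base} is launched with a shell string: {' '.join(args)}"))
        if base in PACKAGE_RUNNERS:
            packages = [a for a in args if not a.startswith("-")]
            if packages and not PINNED_RE.search(packages[0]):
                findings.append(Finding(name, "medium", "supply-chain",
                                        f"{base} fetches {packages[0]} without a version pin"))
        url = str(spec.get("url", ""))
        if url.startswith("http://"):
            findings.append(Finding(name, "high", "insecure-communication",
                                    f"{url} is served over plaintext HTTP"))
    return findings


def summarize(findings):
    """Counts in the same shape as the scanner's findings object."""
    counts = Counter(f.severity for f in findings)
    return {sev: counts.get(sev, 0) for sev in ("critical", "high", "medium", "low")}


if __name__ == "__main__":
    found = check_config(SAMPLE_CONFIG)
    for f in found:
        print(f"[{f.severity}] {f.server}: {f.category}: {f.detail}")
    print(summarize(found))
```

Against the constructed sample this reports one critical (the literal token), two high (the `bash -c` wrapper and the `http://` endpoint) and one medium (the unpinned `npx` package); the `pinned` entry passes because its secret is a `${VAR}` reference and its package carries a version. A check like this is cheap to run in a pre-commit hook before the config ever reaches the hosted scanner.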

Bulk Scan

Scan up to 20 repositories in a single request.

POST /api/scan/bulk
{
  "repoUrls": [
    "https://github.com/owner/repo1",
    "https://github.com/owner/repo2"
  ]
}

GitHub Actions

Add MCP security scanning to your CI/CD pipeline. Use the generator or copy this workflow:

.github/workflows/mcp-scan.yml
name: MCP Security Scan
on: [push, pull_request]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Check MCP Security Score
        env:
          # Scanner host plus the owner/repo of the repository running the workflow
          URL: https://mcpscanner.cloud
          OWNER: ${{ github.repository_owner }}
          REPO: ${{ github.event.repository.name }}
        run: |
          RESULT=$(curl -sf "$URL/api/v1/score/$OWNER/$REPO")
          GRADE=$(echo "$RESULT" | jq -r '.grade')
          if [ "$GRADE" = "F" ] || [ "$GRADE" = "D" ]; then
            echo "::error::Grade $GRADE below threshold"
            exit 1
          fi

MCPGuard GitHub App

MCPGuard automatically scans PRs for insecure MCP configuration files. It posts inline review comments with fix suggestions and blocks merges when critical issues are found.

VS Code Extension

MCP Config Guardian provides real-time inline warnings as you edit MCP config files. Compatible with VS Code, Cursor, and Windsurf.

Coming soon to the VS Code Marketplace and Open VSX.

GET /api/v1/score/:owner/:repo

Returns the latest security grade and score. Supports optional Bearer token for higher rate limits.

Response
{
  "server": "owner/repo",
  "grade": "B",
  "score": 78,
  "findings": { "critical": 0, "high": 2, "medium": 3, "low": 1 },
  "lastScanned": "2026-04-05T...",
  "reportUrl": "...",
  "badgeUrl": "..."
}
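The grade threshold in the GitHub Actions workflow above, combined with the score response just documented, as an added policy gate in Python. This is example code for this page, not the project's own tooling; the sample response is constructed to match the documented shape, and the best-to-worst ordering of the letter grades is an assumption, since the page shows grades such as B, D and F but does not list the full scale.

```python
import json
import sys
import urllib.request

BASE_URL = "https://mcpscanner.cloud"
# Assumed ordering of the letter grades, best first; the page does not spell it out.
GRADE_ORDER = ("A", "B", "C", "D", "F")

# Constructed sample shaped like the documented GET /api/v1/score response.
SAMPLE_SCORE = {
    "server": "owner/repo",
    "grade": "B",
    "score": 78,
    "findings": {"critical": 0, "high": 2, "medium": 3, "low": 1},
}


def fetch_score(owner, repo, token=None):
    """GET /api/v1/score/:owner/:repo; the optional Bearer token raises the rate limit."""
    req = urllib.request.Request(f"{BASE_URL}/api/v1/score/{owner}/{repo}")
    req.add_header("Accept", "application/json")
    if token:
        req.add_header("Authorization", f"Bearer {token}")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def evaluate(score, min_grade="C", max_critical=0, max_high=None):
    """Decide whether a score response passes the policy.

    Returns (passed, reasons). The workflow on this page fails on D or F, which is
    min_grade="C"; max_critical/max_high add count-based gates on top of the grade.
    """
    reasons = []
    grade = score.get("grade")
    if grade not in GRADE_ORDER:
        reasons.append(f"unrecognised grade {grade!r}")
    elif GRADE_ORDER.index(grade) > GRADE_ORDER.index(min_grade):
        reasons.append(f"grade {grade} below threshold {min_grade}")
    counts = score.get("findings") or {}
    if counts.get("critical", 0) > max_critical:
        reasons.append(f"{counts['critical']} critical finding(s) (max {max_critical})")
    if max_high is not None and counts.get("high", 0) > max_high:
        reasons.append(f"{counts['high']} high finding(s) (max {max_high})")
    return not reasons, reasons


if __name__ == "__main__":
    owner, repo = sys.argv[1:3]
    ok, why = evaluate(fetch_score(owner, repo))
    for reason in why:
        print(f"::error::{owner}/{repo}: {reason}")   # GitHub Actions annotation syntax
    sys.exit(0 if ok else 1)
```

Gating on the finding counts as well as the grade matters because a repository can keep a passing letter grade while carrying a critical finding; a grade-only check, like the shell one in the workflow, would let that through. An unrecognised grade fails closed rather than open.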

GET /api/badge/:owner/:repo.svg

SVG badge for READMEs. Cached for 1 hour.

Markdown
![MCP Security](https://mcpscanner.cloud/api/badge/owner/repo.svg)

POST /api/scan

Initiate a new scan. Rate limited to 30/hour per IP.

POST /api/scan
{ "repoUrl": "https://github.com/owner/repo" }

// Returns: { "id": "...", "status": "pending" }

POST /api/scan/config

Scan an MCP configuration JSON string. No authentication required.

POST /api/scan/bulk

Scan up to 20 repositories. Returns an array of scan IDs.

GET /api/export/:scanId/owasp

Export OWASP MCP Top 10 compliance report for a completed scan.

OWASP MCP Top 10

MCP01: Token Mismanagement & Secret Exposure
MCP02: Scope Mismanagement & Privilege Escalation
MCP03: Tool Poisoning (Description-time)
MCP04: Tool Poisoning (Runtime)
MCP05: Excessive Data Exposure
MCP06: Insecure Input Handling / Injection
MCP07: Insufficient Authentication & Authorization
MCP08: Insecure Communication
MCP09: Shadow MCP Servers
MCP10: Logging & Monitoring Deficiencies

Detection Rules

122 rules across 15 categories: tool poisoning, command injection, path traversal, SSRF, credential theft, excessive permissions, missing auth, supply chain, rug pull, data exfiltration, insecure communication, excessive data exposure, logging deficiency, runtime tool poisoning, and shadow MCP server detection.

CWE Mapping

Every rule includes CWE identifiers. 180+ unique CWEs mapped, with MITRE ATLAS technique references where applicable.