Scan an MCP server

Enter a GitHub repository URL. We check for 15 vulnerability categories including tool poisoning, command injection, and credential theft.

Scans analyze public source code for security patterns. Results are cached for 1 hour. Only public repositories can be scanned.

Popular servers to try

modelcontextprotocol/serversanthropics/anthropic-cookbookfirebase/firebase-mcpstripe/agent-toolkitsupabase-community/supabase-mcp