COR Brief

MCP Scan

MCP Scan is a suite of tools designed to identify security vulnerabilities in Model Context Protocol (MCP) servers and connections, particularly within AI agent environments. The open-source MCP-Scan by Invariant Labs offers static and dynamic scanning capabilities, analyzing configurations from clients such as Claude and Cursor. It detects vulnerabilities including prompt injections, tool poisoning, and toxic flows, while also enforcing guardrail policies to monitor sensitive data like PII and secrets. Additionally, it supports real-time auditing of MCP traffic through a proxy mode. Other MCP Scan variants include Enkrypt AI's MCP Scan, which focuses on agentic static analysis to detect command injection, path traversal, and code injection, and mcpscan.ai, which scans MCP servers for tool poisoning and LLM-specific vulnerabilities. These tools cater to developers and teams working with MCP servers in AI agents, providing mechanisms to detect unauthorized tool changes and cross-origin escalation attacks.

Updated Jan 26, 2026 · open-source

MCP Scan tools provide static and dynamic security scanning for MCP servers and connections, focusing on vulnerabilities like prompt injection and tool poisoning.

Pricing: open-source
Category: Security & Testing
Company
01. Supports scanning of MCP configurations and real-time traffic auditing via proxy to detect vulnerabilities such as prompt injections and tool poisoning.
02. Implements guardrail policies to detect sensitive data exposure including personally identifiable information (PII) and secrets during tool calls.
03. Detects unauthorized changes to MCP tools (rug pull attacks) by hashing and verifying tool integrity.
04. Identifies attacks such as tool shadowing across MCP servers to prevent privilege escalation.
05. Analyzes configurations from clients like Claude, Cursor, Windsurf, and file-based MCP clients.

Security Auditing for AI Agent MCP Servers

Developers integrate MCP Scan to statically and dynamically analyze their MCP server configurations and traffic to identify vulnerabilities before deployment.

Real-Time MCP Traffic Monitoring

Teams use the proxy mode to audit live MCP traffic, detecting prompt injections and unauthorized tool changes as they occur.

Compliance Enforcement

Organizations apply guardrail policies via MCP Scan to ensure sensitive data like PII and secrets are not leaked through MCP tool calls.

1. Install MCP-Scan
   Clone or download the repository from GitHub at https://github.com/invariantlabs-ai/mcp-scan.
2. Run Static Scan
   Execute the command mcp-scan scan to analyze MCP configurations and connect to MCP servers.
3. Enable Real-Time Auditing
   Use mcp-scan proxy to audit MCP traffic in real time for prompt injections and unauthorized tool changes.
4. Review Scan Results
   Examine detected vulnerabilities such as prompt injections, tool poisoning, and toxic flows.
5. Apply Guardrails and Tool Pinning
   Implement guardrail policies and tool hashing to enforce security based on scan findings.
Pricing
Model: open-source

Invariant Labs MCP-Scan is open-source with no pricing details. Enkrypt AI offers free scans with email notifications, and mcpscan.ai provides a free tier with an enterprise option requiring contact.

Assessment
Strengths
  • Supports both static configuration scanning and dynamic proxy monitoring.
  • Detects specific MCP threats such as rug pulls via tool hashing.
  • Integrates guardrail policies for PII, secrets, and custom rules.
  • Open-source with CLI suitable for local and CI/CD environments.
  • Fast scan times (under 7 minutes for Enkrypt AI scans).
Limitations
  • Shares tool names and descriptions with the invariantlabs.ai API during scans.
  • Enkrypt AI publishes scan results publicly in MCP Hub.
  • Support is limited to certain MCP clients such as Claude and Cursor; scans of remote servers may fail.