Static and Dynamic Scanning
Supports scanning of MCP configurations and real-time traffic auditing via proxy to detect vulnerabilities such as prompt injections and tool poisoning.
Guardrail Enforcement
Implements guardrail policies to detect sensitive data exposure including personally identifiable information (PII) and secrets during tool calls.
Tool Pinning via Hashing
Detects unauthorized changes to MCP tools (rug pull attacks) by hashing and verifying tool integrity.
Cross-Origin Escalation Detection
Identifies attacks such as tool shadowing across MCP servers to prevent privilege escalation.
Support for Multiple MCP Clients
Analyzes configurations from clients like Claude, Cursor, Windsurf, and file-based MCP clients.