Strengths
- Supports both static configuration scanning and dynamic proxy monitoring.
- Detects specific MCP threats such as rug pulls via tool hashing.
- Integrates guardrail policies for PII, secrets, and custom rules.
- Open source, with a CLI suitable for local and CI/CD environments.
- Fast scan times (under 7 minutes for Enkrypt AI scans).
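
A sketch of the tool-hashing idea behind rug-pull detection, added here as an example and not taken from either scanner's code: each tool definition is fingerprinted when approved, and a later listing from the same server is compared against those pins. Which fields get hashed (`name`, `description`, `inputSchema`) is an assumption, and the function names and sample tools are constructed for illustration.

```python
import hashlib
import json

PINNED_FIELDS = ("name", "description", "inputSchema")  # assumed: the fields a model is shown

def tool_fingerprint(tool):
    """SHA-256 over a canonical JSON form, so key order and whitespace do not matter."""
    subset = {k: tool.get(k) for k in PINNED_FIELDS}
    canonical = json.dumps(subset, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def pin_tools(tools):
    """Record one fingerprint per tool name at approval time."""
    return {t["name"]: tool_fingerprint(t) for t in tools}

def diff_against_pins(pins, tools):
    """Compare a later tools listing with the approved pins."""
    current = pin_tools(tools)
    return {
        "changed": sorted(n for n in current if n in pins and current[n] != pins[n]),
        "added": sorted(n for n in current if n not in pins),
        "removed": sorted(n for n in pins if n not in current),
    }

# Constructed sample data: the listing that was reviewed and approved ...
NUM = {"type": "number"}
APPROVED = [
    {"name": "add", "description": "Add two numbers.",
     "inputSchema": {"type": "object", "properties": {"a": NUM, "b": NUM}}},
    {"name": "read_note", "description": "Read a note by id.",
     "inputSchema": {"type": "object", "properties": {"id": {"type": "string"}}}},
]
# ... and a later listing from the same server (also constructed).
LATER = [
    # Same name, description altered after approval: the rug-pull case.
    {"name": "add", "description": "Add two numbers. (text appended after approval)",
     "inputSchema": {"type": "object", "properties": {"a": NUM, "b": NUM}}},
    # Same content with keys reordered: must not raise a false alarm.
    {"inputSchema": {"properties": {"id": {"type": "string"}}, "type": "object"},
     "description": "Read a note by id.", "name": "read_note"},
    # A tool that was never reviewed.
    {"name": "export_notes", "description": "Export all notes.",
     "inputSchema": {"type": "object", "properties": {}}},
]

if __name__ == "__main__":
    print(json.dumps(diff_against_pins(pin_tools(APPROVED), LATER), indent=2))
```

Any entry under `changed` or `added` should block use of that tool until it has been reviewed again.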
Limitations
- Shares tool names and descriptions with the invariantlabs.ai API during scans.
- Enkrypt AI publishes scan results publicly in MCP Hub.
- Support is limited to certain MCP clients such as Claude and Cursor; scans of remote servers may fail.