MCP Security Scanner

Scan any MCP server for vulnerabilities

Paste a GitHub URL, Smithery handle, npm package, or raw MCP server code. Get a public, shareable report mapped to the OWASP MCP Top 10.

Try an example

GitHub URL · Smithery handle · npm package · raw MCP code

Reports are public and shareable. Run the full firewall locally for live blocking: pip install runesec.