MCP-Shield
@riseandignite
MCP-Shield について
Security scanner for MCP servers
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"mcp-shield": {
"command": "npx",
"args": [
"mcp-shield"
]
}
}
}ツール
ツールは検出されませんでした
ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。
概要
What is MCP-Shield?
MCP-Shield scans your installed MCP (Model Context Protocol) servers and detects vulnerabilities such as tool poisoning attacks, data exfiltration channels, and cross-origin escalations. It is for developers and security teams who integrate MCP servers into AI workflows.
How to use MCP-Shield?
Run npx mcp-shield to scan standard MCP configuration locations. Use --path <path> to scan a specific config file, --claude-api-key <key> for enhanced AI analysis, --identify-as <client> to test client‑specific behavior, and --safe-list <servers> to exclude trusted servers. Run npx mcp-shield -h for full help.
Key features of MCP-Shield
- Detects hidden instructions, exfiltration, and tool shadowing
- Identifies sensitive file access attempts
- Detects cross‑origin violations between servers
- Supports Cursor, Claude Desktop, Windsurf, VSCode, Codeium configs
- Optional Claude AI integration for deeper analysis
- Safe‑list functionality to exclude trusted servers
Use cases of MCP-Shield
- Scan new MCP servers before adding them to your environment
- Regular security audits of your MCP configuration
- Validate security during MCP server development
- Verify no regression after updating MCP servers
FAQ from MCP-Shield
What vulnerability types does MCP-Shield detect?
It detects tool poisoning with hidden instructions, data exfiltration channels, tool shadowing and behavior modification, sensitive file access attempts, and cross‑origin violations between servers.
How do I use MCP-Shield with the Claude API?
Pass the --claude-api-key YOUR_API_KEY flag when running the scan. This enables AI‑powered analysis that provides detailed risk assessments and explanations for each detected vulnerability.
Can I scan a specific configuration file?
Yes, use the --path <path> option to point to a specific MCP config file (.mcp/*.json or claude_desktop_config.json). If omitted, MCP-Shield scans standard locations on your system.
Does MCP-Shield support a safe list?
Yes, use --safe-list "server1,server2" to exclude those servers from scanning and from cross‑origin violation detection.
What MCP client configurations does it support?
It supports Cursor, Claude Desktop, Windsurf, VSCode, and Codeium configuration files.
「その他」の他のコンテンツ
🪟 Windows-MCP
CursorTouchMCP Server for Computer Use in Windows
Activepieces
activepiecesAI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents

Sequential Thinking
modelcontextprotocolModel Context Protocol Servers
MCP Toolbox for Databases
googleapisMCP Toolbox for Databases is an open source MCP server for databases.
Nginx UI
0xJackyYet another WebUI for Nginx
コメント