MCP.so

MCP Watch ๐Ÿ”

@kapilduraphe

MCP Watch ๐Ÿ” ใซใคใ„ใฆ

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations.

ๅŸบๆœฌๆƒ…ๅ ฑ

ใ‚ซใƒ†ใ‚ดใƒช

ใใฎไป–

ใƒฉใ‚คใ‚ปใƒณใ‚น

MIT license

ใƒฉใƒณใ‚ฟใ‚คใƒ 

node

ใƒˆใƒฉใƒณใ‚นใƒใƒผใƒˆ

stdio

ๅ…ฌ้–‹่€…

kapilduraphe

่จญๅฎš

ๆจ™ๆบ–ใฎ่จญๅฎšใฏใ‚ใ‚Šใพใ›ใ‚“

ใ“ใฎใ‚ตใƒผใƒใƒผใฎ README ใซใฏ่งฃๆžๅฏ่ƒฝใช MCP ่จญๅฎšใƒ–ใƒญใƒƒใ‚ฏใŒๅซใพใ‚Œใฆใ„ใพใ›ใ‚“ใ€‚ใ‚คใƒณใ‚นใƒˆใƒผใƒซๆ‰‹้ †ใฏใƒชใƒใ‚ธใƒˆใƒชใ‚’ใ”็ขบ่ชใใ ใ•ใ„ใ€‚

ใƒชใƒใ‚ธใƒˆใƒช

ใƒ„ใƒผใƒซ

ใƒ„ใƒผใƒซใฏๆคœๅ‡บใ•ใ‚Œใพใ›ใ‚“ใงใ—ใŸ

ใƒ„ใƒผใƒซใฏ README ใ‹ใ‚‰่‡ชๅ‹•็š„ใซๆŠฝๅ‡บใ•ใ‚Œใพใ™ใ€‚ใƒกใƒณใƒ†ใƒŠใƒผใฏ ## Tools ใจใ„ใ†่ฆ‹ๅ‡บใ—ใฎไธ‹ใซ่จ˜่ผ‰ใ™ใ‚‹ใ“ใจใงใ€ใ“ใฎใ‚ฟใƒ–ใซๅๆ˜ ใงใใพใ™ใ€‚

ๆฆ‚่ฆ

What is MCP Watch ๐Ÿ”?

MCP Watch ๐Ÿ” is a comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations. It is built for developers and security researchers who need to audit MCP servers against a range of attack vectors.

How to use MCP Watch ๐Ÿ”?

Install globally with npm install -g mcp-watch or locally with npm install mcp-watch. To scan a GitHub repository, run mcp-watch scan <repository-url>. You can filter results by severity (--severity high) or category (--category credential-leak), and choose output format with --format json.

Key features of MCP Watch ๐Ÿ”?

  • Credential Detection for hardcoded API keys and tokens
  • Tool Poisoning detection for hidden malicious instructions
  • Parameter Injection identification for sensitive data extraction
  • Prompt Injection scanning for manipulation

ใ‚ณใƒกใƒณใƒˆ

ใ€Œใใฎไป–ใ€ใฎไป–ใฎใ‚ณใƒณใƒ†ใƒณใƒ„