Tooltrust Scanner
@AgentSafe-AI
Tooltrust Scanner について
Scan MCP servers for security risks before your AI agent trusts them. Detects prompt injection, supply chain attacks (including the LiteLLM 1.82.7/1.82.8 backdoor), excessive permissions, arbitrary code execution, typosquatting, and tool shadowing. Add to your .mcp.json and let y
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"tooltrust": {
"command": "npx",
"args": [
"-y",
"tooltrust-mcp"
]
}
}
}ツール
5Returns the full catalog of security rules used by the ToolTrust scanner, including rule IDs, titles, and descriptions. Useful for understanding what the scanner checks for.
Look up historical security risk grades for an MCP server from the public ToolTrust Directory. Accepts the kebab-case name of the server and returns its full JSON scan report, or 404 if not found.
Reads the user's Claude Code MCP configuration and scans all configured servers in parallel. Searches for .mcp.json in the current directory, then ~/.claude.json as fallback. Returns a summary report with scan results for each server. Servers that fail to start are reported with an error note; scanning continues for remaining servers.
Connects to a live MCP server via standard input/output (stdio), parses its tools, and scans them for prompt injection, data exfiltration, and privilege escalation risks. Returns a risk report with gateway policies (ALLOW, REQUIRE_APPROVAL, or BLOCK) for each tool.
Scan a list of AI agent tool definitions for security risks. Accepts an MCP tools/list JSON payload and returns a risk report with gateway policies (ALLOW, REQUIRE_APPROVAL, or BLOCK) for each tool.
概要
What is Tooltrust Scanner?
Tooltrust Scanner audits MCP servers for prompt injection, data exfiltration, and privilege escalation before an AI agent trusts them. It is designed for developers who integrate MCP servers with AI agents and need a security preflight check.
How to use Tooltrust Scanner?
Add Tooltrust as an MCP server in your configuration using the command npx -y tooltrust-mcp. Then ask your agent to run the MCP tools tooltrust_scan_config to scan all configured servers or tooltrust_scan_server to scan a specific server. A full catalog of MCP tools is documented in the usage guide.
Key features of Tooltrust Scanner
- Detects prompt injection and tool poisoning in descriptions
- Flags excessive permissions (
exec,network,db,fs) - Identifies supply‑chain CVEs and compromised package versions
- Finds privilege escalation and arbitrary code execution patterns
- Spots typosquatting, tool shadowing, and insecure secret handling
- Reports missing rate‑limit, timeout, or retry configuration on risky tools
Use cases of Tooltrust Scanner
- Scan any MCP server before integrating it with an AI agent
- Check configured servers via a single agent command
- Review detailed security findings through the live UI at tooltrust.dev
- Compare security grades across popular MCP servers
- Block known compromised packages (e.g. the LiteLLM / TeamPCP supply‑chain exploit)
FAQ from Tooltrust Scanner
What types of risks does Tooltrust Scanner catch?
It catches prompt injection, excessive permissions, supply‑chain vulnerabilities, privilege escalation, typosquatting, tool shadowing, insecure secret handling, and missing security configuration on risky tools.
How do I run Tooltrust Scanner?
Add it to your MCP client configuration using npx -y tooltrust-mcp, then ask your agent to call tooltrust_scan_config or tooltrust_scan_server.
What runtime or dependencies are required?
Tooltrust Scanner runs via npx (Node.js), so a Node.js runtime must be available on the machine where the MCP client runs.
Is there a web interface?
Yes. A live UI is available at tooltrust.dev where you can browse the public registry, review findings in the browser, and compare grades across servers.
Does it detect supply‑chain attacks?
Yes. It includes an urgent security update that detects and blocks known compromised MCP‑related package versions, including the LiteLLM / TeamPCP exploit.
「開発者ツール」の他のコンテンツ
Hello World MCP Server (Reference Extension)
anthropicsDesktop Extensions: One-click local MCP server installation in desktop apps
Unity MCP (Server + Plugin)
IvanMurzakAI Skills, MCP Tools, and CLI for Unity Engine. Full AI develop and test loop. Use cli for quick setup. Efficient token usage, advanced tools. Any C# method may be turned into a tool by a single line. Works with Claude Code, Gemini, Copilot, Cursor and any other absolutely for fr
MCP-Bridge
SecretiveShellA middleware to provide an openAI compatible endpoint that can call MCP tools
Grafana MCP server
grafanaMCP server for Grafana
MCP Unity Editor (Game Engine)
CoderGamesterModel Context Protocol (MCP) plugin to connect with Unity Editor — designed for Cursor, Claude Code, Codex, Windsurf and other IDEs
コメント