#scanner

Security scanner for MCP servers. Scores any server against the AgentsID trust framework live scan via npx or lookup pre-scanned results from the public registry of 15,983 servers. Returns trust score (0–100), grade (A–F), and findings across injection, permissions, validation, and auth categories.

A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface.

MCP Server for using Garak LLM vulnerability scanner

MCP server for scanning local code and localhost URLs

Asterisk Model Context Protocol (MCP) server.

Fight AI with AI. 6 adversarial AI agents debate crypto token risk before your agent trades. Rug-pull detection, security audits, consensus scoring. Supports Solana, Ethereum, Base, BSC. Free tier available.

The only MCP server that gates skill installation behind a full security scan. 60+ threat patterns, 13 MCP tools, and support for 7 clients including Claude Code, Cursor, Windsurf, and GitHub Copilot. Features AI-powered search, cloud sync, and startup verification with SHA-256 content hashing.

detect exposed mcp servers over the internet and enumerate their tools

Mcp services by marshal

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations.

Scan any website for AI agent readiness — payment protocols (x402, MPP, SPT, L402), MCP servers, OpenAPI specs, llms.txt, plugins, and more. Returns scored reports with 80+ checks.

Open-source AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server. 47 checks across 15 AWS services. Every finding includes copy-paste remediation (CLI + Terraform) and a dollar-risk estimate with verified source. First free standalone AWS security MCP server - Prowler and Wiz require paid SaaS.

Detect live website vulnerabilities and security flaws in GitHub repositories using automated DAST and SAST scanning. Safeguard applications by identifying exposed secrets, insecure dependencies, and common code patterns prone to exploitation. Receive structured fix plans with precise code remediation steps to resolve identified risks and improve security posture.

Scan MCP servers for security risks before your AI agent trusts them. Detects prompt injection, supply chain attacks (including the LiteLLM 1.82.7/1.82.8 backdoor), excessive permissions, arbitrary code execution, typosquatting, and tool shadowing. Add to your .mcp.json and let your agent audit its own tools with tooltrust_scan_config.

Connect AI agents to real-time crypto market scanning on Binance Futures. Create scans with CEL rules (e.g., rsi_14 < 30 && volume_quote > 100000), run them across all pairs, read alert events, and get explanations for why alerts fired or didn't. 9 tools, MIT license, works via npx @tickory/mcp.

Scan APIs for security vulnerabilities and get OWASP risk scores. Detects auth bypass, BOLA/IDOR, data exposure, prompt injection, and 12+ security categories.

AI agent readability scanner — score any public URL against the Vercel Agent Readability Spec, llmstxt.org, and 6 agent-protocol manifests (MCP, A2A, agents.json, agent-permissions, UCP, x402). 59 checks with per-check fix guidance. Same engine as agent-ready.dev.

MCP server with 53 security intelligence tools — CVE/KEV, MITRE ATLAS+D3FEND, Sigma detection rules, email security posture (SPF/DMARC), domain & web intel, threat intel.