MCP server security scanner that detects vulnerability patterns in MCP server configurations and outputs SARIF reports. Scans for prompt injection risks, tool poisoning, excessive permissions, and other security issues in Model Context Protocol servers.
Server Config
{
  "mcpServers": {
    "mcp-scan": {
      "command": "npx",
      "args": [
        "@syntrophy/mcp-scan"
      ]
    }
  }
}