MCP.so
登录

MCP Watch šŸ”

@kapilduraphe

å…³äŗŽ MCP Watch šŸ”

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations.

基本俔息

åˆ†ē±»

其他

č®øåÆčÆ

MIT license

čæč”Œę—¶

node

ä¼ č¾“ę–¹å¼

stdio

å‘åøƒč€…

kapilduraphe

é…ē½®

ęš‚ę— ę ‡å‡†é…ē½®

čÆ„ęœåŠ”å™Øēš„ README äø­ę²”ęœ‰åÆč§£ęžēš„ MCP é…ē½®å—ļ¼ŒčÆ·å‰å¾€ä»£ē ä»“åŗ“ęŸ„ēœ‹å®‰č£…čÆ“ę˜Žć€‚

代码仓库

å·„å…·

ęœŖę£€ęµ‹åˆ°å·„å…·

å·„å…·ę˜Æä»Ž README äø­č‡ŖåŠØęå–ēš„ć€‚ē»“ęŠ¤č€…åÆä»„åœØ ## Tools ę ‡é¢˜äø‹åˆ—å‡ŗå·„å…·,å³åÆå”«å……čæ™éƒØåˆ†å†…å®¹ć€‚

ę¦‚č§ˆ

What is MCP Watch šŸ”?

MCP Watch šŸ” is a comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP implementations. It is built for developers and security researchers who need to audit MCP servers against a range of attack vectors.

How to use MCP Watch šŸ”?

Install globally with npm install -g mcp-watch or locally with npm install mcp-watch. To scan a GitHub repository, run mcp-watch scan <repository-url>. You can filter results by severity (--severity high) or category (--category credential-leak), and choose output format with --format json.

Key features of MCP Watch šŸ”?

  • Credential Detection for hardcoded API keys and tokens
  • Tool Poisoning detection for hidden malicious instructions
  • Parameter Injection identification for sensitive data extraction
  • Prompt Injection scanning for manipulation

评论

其他 åˆ†ē±»äø‹ēš„ę›“å¤š MCP ęœåŠ”å™Ø