Tooltrust Scanner
@AgentSafe-AI
关于 Tooltrust Scanner
Scan MCP servers for security risks before your AI agent trusts them. Detects prompt injection, supply chain attacks (including the LiteLLM 1.82.7/1.82.8 backdoor), excessive permissions, arbitrary code execution, typosquatting, and tool shadowing. Add to your .mcp.json and let y
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"tooltrust": {
"command": "npx",
"args": [
"-y",
"tooltrust-mcp"
]
}
}
}工具
5Returns the full catalog of security rules used by the ToolTrust scanner, including rule IDs, titles, and descriptions. Useful for understanding what the scanner checks for.
Look up historical security risk grades for an MCP server from the public ToolTrust Directory. Accepts the kebab-case name of the server and returns its full JSON scan report, or 404 if not found.
Reads the user's Claude Code MCP configuration and scans all configured servers in parallel. Searches for .mcp.json in the current directory, then ~/.claude.json as fallback. Returns a summary report with scan results for each server. Servers that fail to start are reported with an error note; scanning continues for remaining servers.
Connects to a live MCP server via standard input/output (stdio), parses its tools, and scans them for prompt injection, data exfiltration, and privilege escalation risks. Returns a risk report with gateway policies (ALLOW, REQUIRE_APPROVAL, or BLOCK) for each tool.
Scan a list of AI agent tool definitions for security risks. Accepts an MCP tools/list JSON payload and returns a risk report with gateway policies (ALLOW, REQUIRE_APPROVAL, or BLOCK) for each tool.
概览
What is Tooltrust Scanner?
Tooltrust Scanner audits MCP servers for prompt injection, data exfiltration, and privilege escalation before an AI agent trusts them. It is designed for developers who integrate MCP servers with AI agents and need a security preflight check.
How to use Tooltrust Scanner?
Add Tooltrust as an MCP server in your configuration using the command npx -y tooltrust-mcp. Then ask your agent to run the MCP tools tooltrust_scan_config to scan all configured servers or tooltrust_scan_server to scan a specific server. A full catalog of MCP tools is documented in the usage guide.
Key features of Tooltrust Scanner
- Detects prompt injection and tool poisoning in descriptions
- Flags excessive permissions (
exec,network,db,fs) - Identifies supply‑chain CVEs and compromised package versions
- Finds privilege escalation and arbitrary code execution patterns
- Spots typosquatting, tool shadowing, and insecure secret handling
- Reports missing rate‑limit, timeout, or retry configuration on risky tools
Use cases of Tooltrust Scanner
- Scan any MCP server before integrating it with an AI agent
- Check configured servers via a single agent command
- Review detailed security findings through the live UI at tooltrust.dev
- Compare security grades across popular MCP servers
- Block known compromised packages (e.g. the LiteLLM / TeamPCP supply‑chain exploit)
FAQ from Tooltrust Scanner
What types of risks does Tooltrust Scanner catch?
It catches prompt injection, excessive permissions, supply‑chain vulnerabilities, privilege escalation, typosquatting, tool shadowing, insecure secret handling, and missing security configuration on risky tools.
How do I run Tooltrust Scanner?
Add it to your MCP client configuration using npx -y tooltrust-mcp, then ask your agent to call tooltrust_scan_config or tooltrust_scan_server.
What runtime or dependencies are required?
Tooltrust Scanner runs via npx (Node.js), so a Node.js runtime must be available on the machine where the MCP client runs.
Is there a web interface?
Yes. A live UI is available at tooltrust.dev where you can browse the public registry, review findings in the browser, and compare grades across servers.
Does it detect supply‑chain attacks?
Yes. It includes an urgent security update that detects and blocks known compromised MCP‑related package versions, including the LiteLLM / TeamPCP exploit.
开发工具 分类下的更多 MCP 服务器
Code Index MCP
johnhuang316A Model Context Protocol (MCP) server that helps large language models index, search, and analyze code repositories with minimal setup
Deepwiki MCP Server
regenrek📖 MCP server for fetch deepwiki.com and get latest knowledge in Cursor and other Code Editors
MCP Containers
metorialConnect any AI model to 1200+ integrations (MCP, CLI, API)
JetBrains MCP Proxy Server
JetBrainsA model context protocol server to work with JetBrains IDEs: IntelliJ, PyCharm, WebStorm, etc. Also, works with Android Studio
DevDocs by CyberAGI 🚀
cyberagiincCompletely free, private, UI based Tech Documentation MCP server. Designed for coders and software developers in mind. Easily integrate into Cursor, Windsurf, Cline, Roo Code, Claude Desktop App
评论