MCP-Scan: Security Scanner for AI Agent Components

MCP-Scan is a security scanner designed to discover and scan AI agent components for vulnerabilities, including prompt injections and malware payloads. The tool supports both static and dynamic scanning, allowing users to identify potential threats in their AI agent configurations. MCP-Scan can auto-discover MCP configurations, agent tools, and skills, providing a comprehensive inventory of installed agent components. It detects various security vulnerabilities, such as prompt injection attacks, tool poisoning attacks, and toxic flows. The tool also scans local STDIO MCP servers and remote HTTP/SSE MCP servers, ensuring that all communication channels are secure. MCP-Scan supports scanning of Claude, Cursor, Windsurf, and other file-based MCP client configurations. In addition to scanning for vulnerabilities, MCP-Scan also provides guardrailing policies that can be enforced on MCP tool calls and responses. These policies include PII detection, secrets detection, and tool restrictions. The tool also offers real-time auditing and logging of MCP traffic, allowing users to monitor the behavior of their AI agents and identify potential attacks. MCP-Scan operates in two main modes: scan and proxy. The scan mode statically scans installed servers for malicious tool descriptions and tools, while the proxy mode continuously monitors MCP connections in real-time and restricts what agent systems can do over MCP.