Is Agent Scan safe to use?

Agent Scan has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.

How do I install Agent Scan?

Agent Scan supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Agent Scan?

Agent Scan is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Agent Scan actively maintained?

Agent Scan is actively maintained — last commit was 0 days ago. It has 2,490 GitHub stars.

Agent Scan

Name: Agent Scan
Author: snyk

Official

snyk-agent-scan · by snyk

Security scanner for AI agents, MCP servers and agent skills.

2.5k 0 tools GitHub PyPI

No known CVEs

Apache-2.0 license

Actively maintained

Last commit 0d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "agent-scan": {
      "args": [
        "snyk-agent-scan"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/agent-scan)](https://mcppedia.org/s/agent-scan)

Read me

What Agent Scan does

Discover and scan agent components on your machine for prompt injections and vulnerabilities (including agents, MCP servers, skills).

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'snyk-agent-scan' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

63/100across 5 weighted dimensions

How we score →

0255075100

−37

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked snyk-agent-scan against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Agent Scan safe to use?: Agent Scan has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.
How do I install Agent Scan?: Agent Scan supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Agent Scan?: Agent Scan is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Agent Scan actively maintained?: Agent Scan is actively maintained — last commit was 0 days ago. It has 2,490 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.9k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Agent Scan and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "agent-scan": {
      "args": [
        "snyk-agent-scan"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/agent-scan)](https://mcppedia.org/s/agent-scan)

Read me

What Agent Scan does

Discover and scan agent components on your machine for prompt injections and vulnerabilities (including agents, MCP servers, skills).

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'snyk-agent-scan' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Snyk Agent Scan

Discover and scan agent components on your machine for prompt injections
and vulnerabilities (including agents, MCP servers, skills).

NEW Read our technical report on the emerging threats of the agent skill eco-system published together with Agent Scan 0.4, which adds support for scanning agent skills.

Agent Scan helps you keep an inventory of all your installed agent components (harnesses, MCP servers, and skills) and scans them for common threats like prompt injections, sensitive data handling, or malware payloads hidden in natural language. Ignore analysis on skills by using --no-skills.

Security Warning

⚠️ IMPORTANT: Scanning MCP configurations will execute the commands defined in them.

When Agent Scan scans an MCP configuration file, it starts the stdio MCP servers by executing the commands and arguments specified in the config. This is necessary to retrieve tool descriptions and perform security analysis.

Recommendations:

Run scans inside a sandbox (Docker container, VM, or disposable environment) when evaluating untrusted or third-party MCP configs

Review the consent prompt carefully during interactive scans, it shows the exact command and arguments that will be executed for each server

Use --dangerously-run-mcp-servers only in trusted environments where you've verified all MCP server commands

By default, Agent Scan requires explicit user consent (y/n) before starting each stdio MCP server during interactive runs. This gives you control over what gets executed on your system.

Highlights

Auto-discover MCP configurations, agent tools, skills
Scanning of Claude, Cursor, Windsurf, Gemini CLI, Amp, Amazon Q, and other agents.
Detects 15+ distinct security risks across MCP servers and agent skills:
- MCP: Prompt Injection, Tool Poisoning, Tool Shadowing, Toxic Flows
- Skills: Prompt Injection, Malware Payloads, Untrusted Content, Credential Handling, Hardcoded Secrets

Supported agents and capabilities

Agent Scan auto-discovers agents and their capabilities (MCP servers or skills) when their install paths exist. The table reflects well-known agent definitions.

✓: at least one path is defined for that capability.
✗: the agent is listed for that OS but has no paths for that capability.
—: that agent is not included for that OS.
Skills Skills can be ignored by using --no-skills

Agent	macOS MCP	macOS Skills	Linux MCP	Linux Skills	Windows MCP	Windows Skills
Windsurf	✓	✓	✓	✓	✓	✓
Cursor	✓	✓	✓	✓	✓	✓
VS Code	✓	✓	✓	✓	✓	✓
Claude Desktop	✓	✗	—	—	✓	✗
Claude Code	✓	✓	✓	✓	✓	✓
Gemini CLI	✓	✓	✓	✓	✓	✓
OpenClaw	✗	✓	✗	✓	✗	✓

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

63/100across 5 weighted dimensions

How we score →

0255075100

−37

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked snyk-agent-scan against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Agent Scan safe to use?: Agent Scan has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under Apache-2.0.
How do I install Agent Scan?: Agent Scan supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Agent Scan?: Agent Scan is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Agent Scan actively maintained?: Agent Scan is actively maintained — last commit was 0 days ago. It has 2,490 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.9k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Agent Scan and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?