Agent Security Scanner Mcp
agent-security-scanner-mcp · by sinewaveai
Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.
No known CVEs
MIT license
Actively maintained
Last commit 7d ago
Works with most clients
Transport: stdio, sse
0 tools
Grade F
Step 1
Install in your client
Config is the same across clients — only the file and path differ.
CD
Supported in Claude Desktopstdio, sse · Node 18+
Paste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"agent-security-scanner-mcp": {
"args": [
"-y",
"agent-security-scanner-mcp"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Embed in your READMEAbout badges →
[](https://mcppedia.org/s/agent-security-scanner-mcp)
Read me
What Agent Security Scanner Mcp does
Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.
Test This Server
This server supports HTTP transport. Be the first to test it — help the community know if it works.
Loading README…
Scored, not listed
Why this score
Five weighted categories — click any category to see the underlying evidence.
Score breakdown
63/100across 5 weighted dimensions
0255075100
23
17
13
10
−37
Security
Maintenance
Efficiency
Documentation
Compatibility
Categoriesclick a row to see evidence
Security
OSV.dev4 fixed
CVE-2020-14343info · fixed
PYSEC-2021-142
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
CVE-2020-1747info · fixed
PYSEC-2020-96
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.
CVE-2019-20477info · fixed
PYSEC-2020-176
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.
CVE-2017-18342info · fixed
PYSEC-2018-49
In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.
Help improve this page
This server is missing a description. Tools and install config are also missing.If you've used it, help the community.
Add informationCommunity
Reviews
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
How easy was setup?Did it work reliably?How was the documentation?
Sign in to write a review.
Frequently Asked Questions
- Is Agent Security Scanner Mcp safe to use?
- Agent Security Scanner Mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
- How do I install Agent Security Scanner Mcp?
- Agent Security Scanner Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
- What AI clients work with Agent Security Scanner Mcp?
- Agent Security Scanner Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
- Is Agent Security Scanner Mcp actively maintained?
- Agent Security Scanner Mcp is actively maintained — last commit was 7 days ago. It has 102 GitHub stars.
Related
Similar servers
Others in security
Evil Mcp Server93An evil MCP server used for redteam testing
30 1
Ida Pro Mcp92AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
8.7k 3
Iam Policy Autopilot90IAM Policy Autopilot is an open source static code analysis tool that helps you quickly create baseline AWS IAM policies that you can refine as your application evolves. This tool is available as a command-line utility and MCP server for use within AI coding assistants for quickly building IAM policies.
361 1
I
io.github.peacprotocol/peac90Signed receipts for agent, API, and MCP interactions. Portable and offline-verifiable.
11 5
MCP Security Weekly
Get CVE alerts and security updates for Agent Security Scanner Mcp and similar servers.
Community
Discussion
Start a conversation
Ask a question, share a tip, or report an issue.
Has anyone used this with Cursor?How do you handle auth?Any alternatives?
Sign in to join the discussion.
