Is io.github.aidongise-cell/prism-scanner safe to use?

io.github.aidongise-cell/prism-scanner has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.aidongise-cell/prism-scanner?

io.github.aidongise-cell/prism-scanner supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.aidongise-cell/prism-scanner do?

io.github.aidongise-cell/prism-scanner provides 6 tools: scan, Docker, Contributing, License, Support and 1 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.aidongise-cell/prism-scanner?

io.github.aidongise-cell/prism-scanner is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is io.github.aidongise-cell/prism-scanner actively maintained?

io.github.aidongise-cell/prism-scanner is recently maintained — last commit was 51 days ago. It has 11 GitHub stars.

io.github.aidongise-cell/prism-scanner

prism-scanner

Security scanner for AI Agent skills, plugins, and MCP servers with A-F grading.

11 6 tools GitHub npm PyPI

No known CVEs

No license

Maintained

Last commit 51d ago

Works with most clients

Transport: stdio, sse

6 tools · ~305 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

AI / ML Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "prism-scanner": {
      "command": "prism-mcp"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-aidongise-cell-prism-scanner)](https://mcppedia.org/s/io-github-aidongise-cell-prism-scanner)

Read me

What io.github.aidongise-cell/prism-scanner does

Security scanner for AI Agent skills, plugins, and MCP servers.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'prism-scanner' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

81/100across 5 weighted dimensions

How we score →

0255075100

−19

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked prism-scanner against OSV.dev.

Inventory

Tools (6)

Click any tool to inspect its schema.

~305 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.aidongise-cell/prism-scanner safe to use?: io.github.aidongise-cell/prism-scanner has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.aidongise-cell/prism-scanner?: io.github.aidongise-cell/prism-scanner supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.aidongise-cell/prism-scanner do?: io.github.aidongise-cell/prism-scanner provides 6 tools: scan, Docker, Contributing, License, Support and 1 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.aidongise-cell/prism-scanner?: io.github.aidongise-cell/prism-scanner is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is io.github.aidongise-cell/prism-scanner actively maintained?: io.github.aidongise-cell/prism-scanner is recently maintained — last commit was 51 days ago. It has 11 GitHub stars.

Similar servers

Others in ai-ml / security

View all →

Sequential Thinking MCP Server98

Dynamic problem-solving through sequential thought chains

86.4k 1

Memory MCP Server98

Persistent memory using a knowledge graph

86.4k 5

Antigravity Workspace Template96

Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.

1.2k 2

Modelcontextprotocol96

The official MCP server implementation for the Perplexity API Platform

2.2k 4

MCP Security Weekly

Get CVE alerts and security updates for io.github.aidongise-cell/prism-scanner and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

AI / ML Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "prism-scanner": {
      "command": "prism-mcp"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-aidongise-cell-prism-scanner)](https://mcppedia.org/s/io-github-aidongise-cell-prism-scanner)

Read me

What io.github.aidongise-cell/prism-scanner does

Security scanner for AI Agent skills, plugins, and MCP servers.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'prism-scanner' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

:large_blue_diamond: Prism Scanner

Security scanner for AI Agent skills, plugins, and MCP servers.

Prism analyzes code for malicious behavior before you install it — and checks your system for leftover threats after you uninstall.

Unlike marketplace-only trust scores, Prism gives you full lifecycle coverage with code-level transparency — pre-install, runtime, and post-uninstall — across every platform, completely open source.

:sparkles: What's new in v0.2.x

P10 — Agent psychological manipulation detection: detects gaslighting, guilt-tripping, authority impersonation, urgency pressure, and emotional coercion patterns embedded in skill descriptions, prompts, and code strings. Based on Northeastern/Harvard/MIT research on conversational manipulation of AI agents — to our knowledge, the first open-source automated detector for this attack class.
M7 — Publish hygiene checks: catches source maps, .env files, private keys, IDE configs, and package-manager credentials before they ship. Inspired by Anthropic's April 2026 source-map leak that exposed 512K lines of Claude Code internals via npm. Wire it into your CI:
```
prism scan ./dist --fail-on high
```
47–93% fewer false positives on real-world skills (S1, S4, S8, S12 engine fixes; validated against 3 representative ClawHub skills that previously flooded with false flags).
41 detection rules total across S1–S14 (behavior), M1–M7 (metadata + publish hygiene), P1–P10 (patterns + manipulation), and R1–R10 (residue).
v0.2.2 fixes a cosmetic version-string mismatch (prism --version reported 0.1.3 after upgrading to 0.2.1); detection behavior is identical to v0.2.1.

Why Prism?

	Marketplace Trust Scores	Prism Scanner
Pre-install	:white_check_mark: Reputation score	:white_check_mark: Deep code analysis
Post-uninstall	:x:	:white_check_mark: Residue & persistence scan
Inspection	Black-box rating	Code-level, rule-by-rule
Platforms	Single ecosystem	ClawHub, MCP, npm, pip
Source	Closed	Open (Apache 2.0)
Execution	Requires upload	Local-first, offline OK

Quick Start

pip install prism-scanner

# Scan a local skill directory
prism scan ./my-skill/

# Scan a GitHub repo directly
prism scan https://github.com/user/skill-repo

# Check your system for agent residue
prism clean --scan

# Generate a cleanup plan (non-destructive)
prism clean --plan

# Execute cleanup with automatic backups
prism clean --apply

Homebrew (macOS)

brew tap prismlab/tools
brew install prism-scanner

npx (no install needed)

npx prism-scanner scan https://github.com/user/skill-repo

GitHub Action (CI/CD)

Add Prism to your CI pipeline — findings appear in GitHub's Security tab:

# .github/workflows/prism-scan.yml
name: Prism Security Scan
on: [push, pull_request]

permissions:
  security-events: write
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aidongise-cell/prism-scanner@mai

... [View full README on GitHub](https://github.com/aidongise-cell/prism-scanner#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

81/100across 5 weighted dimensions

How we score →

0255075100

−19

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked prism-scanner against OSV.dev.

Inventory

Tools (6)

Click any tool to inspect its schema.

~305 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.aidongise-cell/prism-scanner safe to use?: io.github.aidongise-cell/prism-scanner has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.aidongise-cell/prism-scanner?: io.github.aidongise-cell/prism-scanner supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.aidongise-cell/prism-scanner do?: io.github.aidongise-cell/prism-scanner provides 6 tools: scan, Docker, Contributing, License, Support and 1 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.aidongise-cell/prism-scanner?: io.github.aidongise-cell/prism-scanner is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is io.github.aidongise-cell/prism-scanner actively maintained?: io.github.aidongise-cell/prism-scanner is recently maintained — last commit was 51 days ago. It has 11 GitHub stars.

Similar servers

Others in ai-ml / security

View all →

Sequential Thinking MCP Server98

Dynamic problem-solving through sequential thought chains

86.4k 1

Memory MCP Server98

Persistent memory using a knowledge graph

86.4k 5

Antigravity Workspace Template96

Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.

1.2k 2

Modelcontextprotocol96

The official MCP server implementation for the Perplexity API Platform

2.2k 4

MCP Security Weekly

Get CVE alerts and security updates for io.github.aidongise-cell/prism-scanner and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?