Is io.github.joepangallo/mcp-audit-server safe to use?

io.github.joepangallo/mcp-audit-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.joepangallo/mcp-audit-server?

io.github.joepangallo/mcp-audit-server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What can io.github.joepangallo/mcp-audit-server do?

io.github.joepangallo/mcp-audit-server provides 10 tools: audit_mcp_config, audit_mcp_server, audit_agent_trust, audit_prompt_injection, audit_agent_dataflow and 5 more. See the full tools list on the server page for descriptions and parameters.

Is io.github.joepangallo/mcp-audit-server actively maintained?

io.github.joepangallo/mcp-audit-server is actively maintained — last commit was 14 days ago.

io.github.joepangallo/mcp-audit-server

Thin MCP and CLI proxy for AI agent and MCP security auditing via a hosted backend

ActiveNot tested

AI / ML Legal Security

GitHub

59CNo CVEsactive10 tools

Quick Install

{
  "mcpServers": {
    "io-github-joepangallo-mcp-audit-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Setup guide

No install config available. Check the server's README for setup instructions.

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-joepangallo-mcp-audit-server)](https://mcppedia.org/s/io-github-joepangallo-mcp-audit-server)

Should you use this server?

Thin MCP and CLI proxy for AI agent and MCP security auditing via a hosted backend

✓

Is it safe?

No package registry to scan.

No authentication — any process on your machine can connect.

License not specified.

✓

Is it maintained?

Last commit 14 days ago.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Context cost

10 tools. ~500 tokens (0.3% of 200K).

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Score Breakdown

MCPpedia Score

Click each category to see evidence

59C

Last scored 22h ago

How we score →

Security

11/30

No known vulnerabilities.

○

Known CVEs — No package registry to scan

✓

Tool safety — No dangerous patterns detected

✓

Tool poisoning — No poisoning indicators detected

✗

Injection vectors — Found: safety bypass language, unsafe markers

✓

Tool stability — Tool definitions stable

○

Dependency health — No package to analyze

✗

License — No license specified

○

Authentication — No authentication required

○

Tools (10)

audit_mcp_config

Static analysis of MCP config JSON for privilege, auth, transport, and launch risks

audit_mcp_server

Active probing of a running MCP server over stdio (requires AGENT_SECURITY_ADMIN_MODE=1)

audit_agent_trust

Trust audit for tool permissions, execution provenance, secret exposure controls, policy drift, and deployment trust score

audit_prompt_injection

Tests a system prompt against a 30+ payload injection catalog

audit_agent_dataflow

Traces PII and secret exposure through an agent's tool pipeline

scan_mcp_package

Scans an npm MCP package for dependency vulnerabilities and dangerous patterns

generate_report

Combines multiple audit results into a composite report with executive summary

fix_mcp_config

Auto-remediates config issues: removes unsafe flags, upgrades transport, redacts secrets

harden_system_prompt

Appends injection-resistant guardrails to a system prompt

generate_policy

Generates an enforceable JSON security policy from an MCP config

Frequently Asked Questions

Is io.github.joepangallo/mcp-audit-server safe to use?: io.github.joepangallo/mcp-audit-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.joepangallo/mcp-audit-server?: io.github.joepangallo/mcp-audit-server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can io.github.joepangallo/mcp-audit-server do?: io.github.joepangallo/mcp-audit-server provides 10 tools: audit_mcp_config, audit_mcp_server, audit_agent_trust, audit_prompt_injection, audit_agent_dataflow and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.joepangallo/mcp-audit-server?: io.github.joepangallo/mcp-audit-server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.
Is io.github.joepangallo/mcp-audit-server actively maintained?: io.github.joepangallo/mcp-audit-server is actively maintained — last commit was 14 days ago.

io.github.joepangallo/mcp-audit-server

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Tools (10)

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

Sequential Thinking MCP Server

Arxiv Mcp Server

Gemini Cli

Python Sdk

Discussion