io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp

base-security-scanner-mcp

MCP server to scan smart contracts on Base for honeypots, rug pulls, and vulnerabilities.

1 21/wk 8 tools GitHub npm

No known CVEs

No license

Maintained

Last commit 82d ago

Works with most clients

Transport: stdio, sse

8 tools · ~426 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "base-security-scanner": {
      "args": [
        "-y",
        "base-security-scanner-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-lordbasilaiassistant-sudo-base-security-scanner-mcp)](https://mcppedia.org/s/io-github-lordbasilaiassistant-sudo-base-security-scanner-mcp)

Read me

What io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp does

MCP server for AI agents to scan smart contracts on Base mainnet for security vulnerabilities. Detect honeypots, rug pulls, hidden mints, proxy patterns, and generate full audit reports -- all read-only, no private key needed.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'base-security-scanner-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

82/100across 5 weighted dimensions

How we score →

0255075100

−18

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked base-security-scanner-mcp against OSV.dev.

Inventory

Tools (8)

Click any tool to inspect its schema.

~426 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp safe to use?: io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?: io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp do?: io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp provides 8 tools: scan_contract, check_honeypot, detect_rug_risk, analyze_bytecode, check_token_permissions and 3 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?: io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp actively maintained?: io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is recently maintained — last commit was 82 days ago. It has 1 GitHub stars.

Similar servers

Others in security / finance

View all →

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Investor Agent93

A Model Context Protocol server for building an investor agent

328 7

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

MCP Security Weekly

Get CVE alerts and security updates for io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Tools (8)

Tool	Description
`scan_contract`	Analyze a contract for security issues (reentrancy, access control, hidden mints, proxy patterns)
`check_honeypot`	Check if a token is a honeypot by simulating buy+sell via Uniswap V2
`detect_rug_risk`	Score rug pull risk 0-100 based on ownership, liquidity, permissions, honeypot status
`analyze_bytecode`	Disassemble bytecode, identify contract type (proxy, AMM, ERC-20, diamond, etc.)
`check_token_permissions`	Check owner permissions: mint, pause, blacklist, change fees, disable trading
`get_contract_info`	Basic contract metadata: verified status, bytecode size, ETH balance, token info
`compare_bytecode`	Clone detection -- check if two contracts share the same bytecode
`audit_report`	Full security audit combining all checks into one comprehensive report

Tool

Description

scan_contract

Analyze a contract for security issues (reentrancy, access control, hidden mints, proxy patterns)

check_honeypot

Check if a token is a honeypot by simulating buy+sell via Uniswap V2

detect_rug_risk

Score rug pull risk 0-100 based on ownership, liquidity, permissions, honeypot status

analyze_bytecode

Disassemble bytecode, identify contract type (proxy, AMM, ERC-20, diamond, etc.)

check_token_permissions

Check owner permissions: mint, pause, blacklist, change fees, disable trading

get_contract_info

Basic contract metadata: verified status, bytecode size, ETH balance, token info

compare_bytecode

Clone detection -- check if two contracts share the same bytecode

audit_report

Full security audit combining all checks into one comprehensive report

Variable	Default	Description
`RPC_URL`	`https://mainnet.base.org`	Base mainnet RPC endpoint

Variable

Default

Description

RPC_URL

https://mainnet.base.org

Base mainnet RPC endpoint

How It Works

Bytecode Analysis: Extracts PUSH4 opcodes to find function selectors, matches against 30+ known dangerous patterns

Opcode Scanning: Detects DELEGATECALL, SELFDESTRUCT, CREATE, CREATE2

Honeypot Detection: Simulates ETH->Token->ETH round-trip via Uniswap V2 router getAmountsOut

Rug Scoring: Weighted algorithm combining ownership, liquidity depth, dangerous permissions, honeypot status

Clone Detection: Jaccard similarity on function selector sets

Related MCP Servers

Package	Tools	What it does
`obsd-launchpad-mcp`	14	Deploy tokens, trade, earn OBSD
`base-security-scanner-mcp`	8	Scan contracts for vulnerabilities
`base-price-oracle-mcp`	7	On-chain price feeds from DEX pools
`base-multi-wallet-mcp`	8	Coordinated multi-wallet trading
`base-gasless-deploy-mcp`	5	Gasless ERC-20 token deployment
`base-flash-arb-mcp`	7	Detect arbitrage opportunities
`base-token-sniper-mcp`	5	Discover & trade new launches
`base-wallet-toolkit-mcp`	7	Wallet balances, gas, tokens
`base-contract-reader-mcp`	6	Read any smart contract (free)
`create-mcp-server-cli`	-	Scaffold a new MCP server

Package

Tools

What it does

obsd-launchpad-mcp

Deploy tokens, trade, earn OBSD

base-security-scanner-mcp

Scan contracts for vulnerabilities

base-price-oracle-mcp

On-chain price feeds from DEX pools

base-multi-wallet-mcp

Coordinated multi-wallet trading

base-gasless-deploy-mcp

Gasless ERC-20 token deployment

base-flash-arb-mcp

Detect arbitrage opportunities

base-token-sniper-mcp

Discover & trade new launches

base-wallet-toolkit-mcp

Wallet balances, gas, tokens

base-contract-reader-mcp

Read any smart contract (free)

create-mcp-server-cli

Scaffold a new MCP server

Frequently Asked Questions

Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp safe to use?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp do?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp provides 8 tools: scan_contract, check_honeypot, detect_rug_risk, analyze_bytecode, check_token_permissions and 3 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp actively maintained?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is recently maintained — last commit was 82 days ago. It has 1 GitHub stars.

Tools (8)

Tool	Description
`scan_contract`	Analyze a contract for security issues (reentrancy, access control, hidden mints, proxy patterns)
`check_honeypot`	Check if a token is a honeypot by simulating buy+sell via Uniswap V2
`detect_rug_risk`	Score rug pull risk 0-100 based on ownership, liquidity, permissions, honeypot status
`analyze_bytecode`	Disassemble bytecode, identify contract type (proxy, AMM, ERC-20, diamond, etc.)
`check_token_permissions`	Check owner permissions: mint, pause, blacklist, change fees, disable trading
`get_contract_info`	Basic contract metadata: verified status, bytecode size, ETH balance, token info
`compare_bytecode`	Clone detection -- check if two contracts share the same bytecode
`audit_report`	Full security audit combining all checks into one comprehensive report

Tool

Description

scan_contract

Analyze a contract for security issues (reentrancy, access control, hidden mints, proxy patterns)

check_honeypot

Check if a token is a honeypot by simulating buy+sell via Uniswap V2

detect_rug_risk

Score rug pull risk 0-100 based on ownership, liquidity, permissions, honeypot status

analyze_bytecode

Disassemble bytecode, identify contract type (proxy, AMM, ERC-20, diamond, etc.)

check_token_permissions

Check owner permissions: mint, pause, blacklist, change fees, disable trading

get_contract_info

Basic contract metadata: verified status, bytecode size, ETH balance, token info

compare_bytecode

Clone detection -- check if two contracts share the same bytecode

audit_report

Full security audit combining all checks into one comprehensive report

Variable	Default	Description
`RPC_URL`	`https://mainnet.base.org`	Base mainnet RPC endpoint

Variable

Default

Description

RPC_URL

https://mainnet.base.org

Base mainnet RPC endpoint

How It Works

Bytecode Analysis: Extracts PUSH4 opcodes to find function selectors, matches against 30+ known dangerous patterns

Opcode Scanning: Detects DELEGATECALL, SELFDESTRUCT, CREATE, CREATE2

Honeypot Detection: Simulates ETH->Token->ETH round-trip via Uniswap V2 router getAmountsOut

Rug Scoring: Weighted algorithm combining ownership, liquidity depth, dangerous permissions, honeypot status

Clone Detection: Jaccard similarity on function selector sets

Related MCP Servers

Package	Tools	What it does
`obsd-launchpad-mcp`	14	Deploy tokens, trade, earn OBSD
`base-security-scanner-mcp`	8	Scan contracts for vulnerabilities
`base-price-oracle-mcp`	7	On-chain price feeds from DEX pools
`base-multi-wallet-mcp`	8	Coordinated multi-wallet trading
`base-gasless-deploy-mcp`	5	Gasless ERC-20 token deployment
`base-flash-arb-mcp`	7	Detect arbitrage opportunities
`base-token-sniper-mcp`	5	Discover & trade new launches
`base-wallet-toolkit-mcp`	7	Wallet balances, gas, tokens
`base-contract-reader-mcp`	6	Read any smart contract (free)
`create-mcp-server-cli`	-	Scaffold a new MCP server

Package

Tools

What it does

obsd-launchpad-mcp

Deploy tokens, trade, earn OBSD

base-security-scanner-mcp

Scan contracts for vulnerabilities

base-price-oracle-mcp

On-chain price feeds from DEX pools

base-multi-wallet-mcp

Coordinated multi-wallet trading

base-gasless-deploy-mcp

Gasless ERC-20 token deployment

base-flash-arb-mcp

Detect arbitrage opportunities

base-token-sniper-mcp

Discover & trade new launches

base-wallet-toolkit-mcp

Wallet balances, gas, tokens

base-contract-reader-mcp

Read any smart contract (free)

create-mcp-server-cli

Scaffold a new MCP server

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp

Install in your client

What io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp does

Test This Server

Why this score

82/100across 5 weighted dimensions

Security

Tools (8)

Reviews

Frequently Asked Questions

Similar servers

Discussion

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp

Install in your client

What io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp does

Test This Server

base-security-scanner-mcp

Install

Configure (Claude Desktop / Cursor)

Tools (8)

Environment Variables

How It Works

Related MCP Servers

License

Why this score

82/100across 5 weighted dimensions

Security

Tools (8)

Reviews

Frequently Asked Questions

Similar servers

Discussion

base-security-scanner-mcp

Install

Configure (Claude Desktop / Cursor)

Tools (8)

Environment Variables

How It Works

Related MCP Servers

License