Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp safe to use?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp do?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp provides 8 tools: scan_contract, check_honeypot, detect_rug_risk, analyze_bytecode, check_token_permissions and 3 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio and sse transport.

Is io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp actively maintained?

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp is recently maintained — last commit was 32 days ago.

Should you use this server?

MCP server to scan smart contracts on Base for honeypots, rug pulls, and vulnerabilities.

✓

Is it safe?

No known CVEs for base-security-scanner-mcp.

No authentication — any process on your machine can connect.

License not specified.

✓

Is it maintained?

Last commit 32 days ago. 32 weekly downloads.

Will it work with my client?

Transport: stdio, sse. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Context cost

8 tools. ~400 tokens (0.2% of 200K).

Score Breakdown

MCPpedia Score

Click each category to see evidence

82A

Last scored just now

How we score →

Security

30/30

No known vulnerabilities.

✓

Known CVEs — No known CVEs for base-security-scanner-mcpcheck OSV.dev

✓

Tool safety — No dangerous patterns detected

✓

Tool poisoning — No poisoning indicators detected

✓

Injection vectors — No injection vectors detected

✓

Tool stability — Tool definitions stable

○

Dependency health — found on deps.dev, recently updated

✗

License — No license specified

○

Authentication

base-security-scanner-mcp

MCP server for AI agents to scan smart contracts on Base mainnet for security vulnerabilities. Detect honeypots, rug pulls, hidden mints, proxy patterns, and generate full audit reports -- all read-only, no private key needed.

Install

npx -y base-security-scanner-mcp

Configure (Claude Desktop / Cursor)

{
  "mcpServers": {
    "base-security-scanner": {
      "command": "npx",
      "args": ["-y", "base-security-scanner-mcp"]
    }
  }
}

Tools (8)

| Tool | Description | |------|-------------| | scan_contract | Analyze a contract for security issues (reentrancy, access control, hidden mints, proxy patterns) | | check_honeypot | Check if a token is a honeypot by simulating buy+sell via Uniswap V2 | | detect_rug_risk | Score rug pull risk 0-100 based on ownership, liquidity, permissions, honeypot status | | analyze_bytecode | Disassemble bytecode, identify contract type (proxy, AMM, ERC-20, diamond, etc.) | | check_token_permissions | Check owner permissions: mint, pause, blacklist, change fees, disable trading | | get_contract_info | Basic contract metadata: verified status, bytecode size, ETH balance, token info | | compare_bytecode | Clone detection -- check if two contracts share the same bytecode | | audit_report | Full security audit combining all checks into one comprehensive report |

Environment Variables

| Variable | Default | Description | |----------|---------|-------------| | RPC_URL | https://mainnet.base.org | Base mainnet RPC endpoint |

How It Works

Bytecode Analysis: Extracts PUSH4 opcodes to find function selectors, matches against 30+ known dangerous patterns
Opcode Scanning: Detects DELEGATECALL, SELFDESTRUCT, CREATE, CREATE2
Honeypot Detection: Simulates ETH->Token->ETH round-trip via Uniswap V2 router getAmountsOut
Rug Scoring: Weighted algorithm combining ownership, liquidity depth, dangerous permissions, honeypot status
Clone Detection: Jaccard similarity on function selector sets

Related MCP Servers

| Package | Tools | What it does | |---------|-------|-------------| | obsd-launchpad-mcp | 14 | Deploy tokens, trade, earn OBSD | | base-security-scanner-mcp | 8 | Scan contracts for vulnerabilities | | base-price-oracle-mcp | 7 | On-chain price feeds from DEX pools | | base-multi-wallet-mcp | 8 | Coordinated multi-wallet trading | | base-gasless-deploy-mcp | 5 | Gasless ERC-20 token deployment | | base-flash-arb-mcp | 7 | Detect arbitrage opportunities | | base-token-sniper-mcp | 5 | Discover & trade new launches | | base-wallet-toolkit-mcp | 7 | Wallet balances, gas, tokens | | base-contract-reader-mcp | 6 | Read any smart contract (free) | | create-mcp-server-cli | - | Scaffold a new MCP server |

License

MIT

io.github.lordbasilaiassistant-sudo/base-security-scanner-mcp

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Tools (8)

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

Swiss Caselaw MCP Server

Luxembourg Law MCP Server

eu.ansvar/chilean-law-mcp

Senegalese Law MCP Server

Discussion

base-security-scanner-mcp

Install

Configure (Claude Desktop / Cursor)

Tools (8)

Environment Variables

How It Works

Related MCP Servers

License