Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"io-github-mcpshield-dev-mcpshield": {
"args": [
"-y",
"mcpshield"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Scan MCP servers and GitHub repositories for security vulnerabilities.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'mcpshield' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked mcpshield against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security
Security scanner for GitHub repos, Agent Skills, Plugins, and MCP servers. 18 scanners. Zero dependencies.
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
MCP Security Weekly
Get CVE alerts and security updates for io.github.MCPShield-Dev/mcpshield and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Scan MCP servers and GitHub repositories for security vulnerabilities.
Powered by MCPShield — the MCP security scanner with 59+ detection rules covering the OWASP MCP Top 10.
npm install -g mcpshield
Get a free API key at mcpshield.co/settings, then:
mcpshield auth mcp_sk_your_key_here
# Scan an HTTP MCP server
mcpshield scan --url https://mcp-server.example.com/mcp
# Scan a GitHub repository
mcpshield scan --github https://github.com/user/repo
# JSON output (for CI/CD)
mcpshield scan --url https://mcp-server.example.com/mcp --json
# Filter by severity
mcpshield scan --url https://mcp-server.example.com/mcp --severity high
0 — Scan completed, no critical findings1 — Error (invalid key, rate limit, scan failure)2 — Scan completed with critical findingsMCPSHIELD_API_KEY — API key (alternative to mcpshield auth)MCPSHIELD_API_URL — Custom API endpoint (for self-hosted)MIT