Is io.github.mdfifty50-boop/agent-security safe to use?

io.github.mdfifty50-boop/agent-security has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.mdfifty50-boop/agent-security?

io.github.mdfifty50-boop/agent-security can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.mdfifty50-boop/agent-security?

io.github.mdfifty50-boop/agent-security is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

io.github.mdfifty50-boop/agent-security

Prompt injection detection, secret scanning, permission auditing

0 tools GitHub

No known CVEs

No license

Maintenance unknown

No commit data

Untested

Transport: stdio

0 tools

Grade F

Legal

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-mdfifty50-boop-agent-security": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-mdfifty50-boop-agent-security)](https://mcppedia.org/s/io-github-mdfifty50-boop-agent-security)

Read me

What io.github.mdfifty50-boop/agent-security does

Prompt injection detection, secret scanning, permission auditing

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

16/100across 5 weighted dimensions

How we score →

0255075100

−84

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.mdfifty50-boop/agent-security safe to use?: io.github.mdfifty50-boop/agent-security has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.mdfifty50-boop/agent-security?: io.github.mdfifty50-boop/agent-security can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.mdfifty50-boop/agent-security?: io.github.mdfifty50-boop/agent-security is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Similar servers

Others in legal

View all →

A11y Mcp88

An MCP (Model Context Protocol) server for performing accessibility audits on webpages using axe-core. Use the results in an agentic loop with your favorite AI assistants (Amp/Cline/Cursor/GH Copilot) and let them fix a11y issues for you!

40 2

io.github.cmendezs/mcp-facture-electronique-fr87

MCP server for French e-invoicing (XP Z12-013). Manages invoices, validation and compliance.

Swiss Caselaw MCP Server86

956k Swiss court decisions: full-text search, citation graph, statute lookup (DE/FR/IT)

19 3

io.github.delimit-ai/delimit-mcp-server86

API governance for AI coding assistants. Breaking changes, policies, cross-model context.

13 9

MCP Security Weekly

Get CVE alerts and security updates for io.github.mdfifty50-boop/agent-security and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Legal

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-mdfifty50-boop-agent-security": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-mdfifty50-boop-agent-security)](https://mcppedia.org/s/io-github-mdfifty50-boop-agent-security)

Read me

What io.github.mdfifty50-boop/agent-security does

Prompt injection detection, secret scanning, permission auditing

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

Agent Security MCP Server

Security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows. Built on the Model Context Protocol (MCP).

Tools

Tool	Description
`scan_mcp_config`	Scan MCP server configurations for security issues (dangerous commands, exposed secrets, network exposure, container misconfigs)
`detect_prompt_injection`	Analyze text for prompt injection attempts across 7 attack categories with context-aware risk scoring
`validate_scope_contract`	Check if agent actions comply with scope contracts (tool allowlists, file access, boundary constraints)
`scan_secrets`	Detect leaked API keys, tokens, private keys, database URIs, and credentials in text or code
`audit_agent_permissions`	Audit agent configurations against role-based expectations and flag principle of least privilege violations
`generate_security_report`	Generate comprehensive security assessment reports with prioritized remediation plans
`detect_tool_poisoning`	Analyze MCP tool definitions for hidden instructions that could manipulate agent behavior (OWASP Agentic Top 10)

Resources

Resource	URI	Description
OWASP LLM Top 10	`security://owasp-llm-top10`	OWASP Top 10 for LLM Applications (2025)
MCP Security Checklist	`security://mcp-security-checklist`	Security checklist for MCP server deployments

Installation

cd agent-security-mcp
npm install

Usage

As a standalone server

npm start

In Claude Desktop / MCP client configuration

{
  "mcpServers": {
    "agent-security": {
      "command": "node",
      "args": ["/path/to/agent-security-mcp/src/index.js"]
    }
  }
}

With npx (after publishing)

{
  "mcpServers": {
    "agent-security": {
      "command": "npx",
      "args": ["@asl-throne/agent-security-mcp"]
    }
  }
}

Detection Coverage

Prompt Injection (7 categories, 20+ patterns)

Instruction Override -- "ignore previous instructions", "disregard all rules", "new instructions:"
Identity Manipulation -- "you are now", "pretend you are", "act as", DAN/jailbreak
System Prompt Extraction -- "repeat your system prompt", "show your instructions"
Data Exfiltration -- "send this to", "post to webhook", "email everything to"
Delimiter Attacks -- ```system, [INST], <|im_start|>system, XML tag injection
Encoded Injection -- Base64 payloads, unicode zero-width characters, hex escapes
Privilege Escalation -- "sudo mode", "disable safety", "bypass filters"

Secret Detection (25+ patterns)

AI Provider Keys -- OpenAI (sk-), Anthropic (sk-ant-)
Cloud Credentials -- AWS (AKIA*), GCP (AIza*), Azure connection strings
Source Control -- GitHub PATs (ghp_, github_pat_), OAuth tokens (gho_*)
Payment -- Stripe live/test keys (sk_live_, sk_test_)
Communication -- Slack tokens/webhooks, Telegram bot tokens
Database -- PostgreSQL, MongoDB, MySQL, Redis connection URIs
Cryptographic -- RSA/EC/OpenSSH private keys, generic PEM blocks
JWT -- JSON Web Tokens
Generic -- api_key=, secret=, password=, .env file patterns

Permission Audit (6 role profiles)

Researcher -- Read + search + web only
Analyst -- Read + search only
Developer -- Read + write + execute
Reviewer -- Read only, no network
Orchestrator -- Read + write + task spawning
Monitor -- Read only, no network, no write

Pricing

Plan	Price	Servers	Features
Free	$0	1 server	Single scan, basic report
Starter	$49/month	3 servers	Continuous scanning, weekly reports
Pro	$199/month	20 servers	Real-time alerts, CI/CD integration, Slack notifications
Enterprise	$799/month	Unlimited	Custom policies, EU AI Act compliance reporting, S

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

16/100across 5 weighted dimensions

How we score →

0255075100

−84

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.mdfifty50-boop/agent-security safe to use?: io.github.mdfifty50-boop/agent-security has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.mdfifty50-boop/agent-security?: io.github.mdfifty50-boop/agent-security can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.mdfifty50-boop/agent-security?: io.github.mdfifty50-boop/agent-security is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.