Is io.github.Vigile-ai/vigile-mcp safe to use?

io.github.Vigile-ai/vigile-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.Vigile-ai/vigile-mcp?

io.github.Vigile-ai/vigile-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with io.github.Vigile-ai/vigile-mcp?

io.github.Vigile-ai/vigile-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is io.github.Vigile-ai/vigile-mcp actively maintained?

io.github.Vigile-ai/vigile-mcp is recently maintained — last commit was 53 days ago.

io.github.Vigile-ai/vigile-mcp

vigile-mcp

Query trust scores for MCP servers and agent skills. Check if a tool is safe.

38/wk 0 tools GitHub npm

No known CVEs

No license

Maintained

Last commit 53d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "vigile": {
      "args": [
        "-y",
        "vigile-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-vigile-ai-vigile-mcp)](https://mcppedia.org/s/io-github-vigile-ai-vigile-mcp)

Read me

What io.github.Vigile-ai/vigile-mcp does

MCP server for Vigile AI Security — query trust scores for MCP servers and agent skills directly from your AI coding assistant.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'vigile-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

51/100across 5 weighted dimensions

How we score →

0255075100

−49

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked vigile-mcp against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.Vigile-ai/vigile-mcp safe to use?: io.github.Vigile-ai/vigile-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.Vigile-ai/vigile-mcp?: io.github.Vigile-ai/vigile-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with io.github.Vigile-ai/vigile-mcp?: io.github.Vigile-ai/vigile-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.Vigile-ai/vigile-mcp actively maintained?: io.github.Vigile-ai/vigile-mcp is recently maintained — last commit was 53 days ago.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.Vigile-ai/vigile-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "vigile": {
      "args": [
        "-y",
        "vigile-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-vigile-ai-vigile-mcp)](https://mcppedia.org/s/io-github-vigile-ai-vigile-mcp)

Read me

What io.github.Vigile-ai/vigile-mcp does

MCP server for Vigile AI Security — query trust scores for MCP servers and agent skills directly from your AI coding assistant.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'vigile-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

vigile-mcp

MCP server for Vigile AI Security — query trust scores for MCP servers and agent skills directly from your AI coding assistant.

Works with Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, and any MCP-compatible client.

Installation

Claude Desktop

Add to your Claude Desktop config file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Claude Code

claude mcp add --transport stdio vigile --scope user -- npx -y vigile-mcp

Or add to your project's .mcp.json:

{
  "vigile": {
    "command": "npx",
    "args": ["-y", "vigile-mcp"]
  }
}

Cursor

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

VS Code (Copilot)

Add to .vscode/mcp.json in your project:

{
  "servers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Global Install (Alternative)

npm install -g vigile-mcp

Then replace "command": "npx", "args": ["-y", "vigile-mcp"] with "command": "vigile-mcp" in any config above.

What It Does

Vigile scans and scores MCP servers and agent skills for security issues like tool poisoning, data exfiltration, prompt injection, and supply chain attacks. This MCP server brings those trust scores into your AI workflow — so your coding assistant can check whether a tool is safe before using it.

Covers servers from npm, Smithery, PyPI, and other registries, plus agent skills from Claude Code, Cursor, OpenClaw/ClawHub, and more.

Tools

Tool	Description
`vigile_check_server`	Look up trust score for an MCP server by name or package
`vigile_check_skill`	Look up trust score for an agent skill (claude.md, .cursorrules, OpenClaw skills, etc.)
`vigile_scan_content`	Scan raw content from a claude.md, .cursorrules, skill.md, or similar file for security issues
`vigile_search`	Search the Vigile trust registry by keyword
`vigile_verify_location`	Verify whether a skill uses location data safely and check for location-based attack patterns

Example Usage

Once installed, your AI assistant can use these tools naturally:

"Check if @anthropic/mcp-server-filesystem is safe" "Scan this claude.md file for security issues" "Search for database MCP servers and show me their trust scores"

Trust Scores

Vigile rates every server and skill on a 0-100 scale:

Score	Level	Meaning
80-100	Trusted	No significant issues found
60-79	Caution	Minor issues, review recommended
40-59	Risky	Notable security concerns
0-39	Dangerous	Critical issues, do not use

Authentication

By default, vigile-mcp uses the public Vigile registry (rate-limited). For higher limits, set your API key:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"],
      "env": {
        "VIGILE_API_KEY": "vgl_your_key_here"
      }
    }
  }
}

Get an API key at vigile.dev.

Rate Limits

Tier	Scans/min	Monthly Quota
Free (no key)	10	50
Pro ($30/mo)	60	1,000
Pro+ ($100/mo)	300	5,000

Registry lookups (vigile_check_server, vigile_check_skill, vigile_search) do not count against your scan quota. Only `vigile_s

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

51/100across 5 weighted dimensions

How we score →

0255075100

−49

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked vigile-mcp against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.Vigile-ai/vigile-mcp safe to use?: io.github.Vigile-ai/vigile-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.Vigile-ai/vigile-mcp?: io.github.Vigile-ai/vigile-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with io.github.Vigile-ai/vigile-mcp?: io.github.Vigile-ai/vigile-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.Vigile-ai/vigile-mcp actively maintained?: io.github.Vigile-ai/vigile-mcp is recently maintained — last commit was 53 days ago.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.Vigile-ai/vigile-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?