Is Mcp Snitch safe to use?

Mcp Snitch has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.

How do I install Mcp Snitch?

Mcp Snitch can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Mcp Snitch?

Mcp Snitch is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Mcp Snitch actively maintained?

Mcp Snitch is less actively maintained — last commit was 228 days ago. It has 94 GitHub stars.

Mcp Snitch

Name: Mcp Snitch
Author: Adversis

by Adversis

MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, and audit logging for AI tool usage.

94 0 tools GitHub

No known CVEs

GPL-3.0 license

Stale

Last commit 228d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcp-snitch": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-snitch)](https://mcppedia.org/s/mcp-snitch)

Read me

What Mcp Snitch does

Security monitoring and access control for Model Context Protocol (MCP) servers

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

30/100across 5 weighted dimensions

How we score →

0255075100

−70

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Snitch safe to use?: Mcp Snitch has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install Mcp Snitch?: Mcp Snitch can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Mcp Snitch?: Mcp Snitch is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Snitch actively maintained?: Mcp Snitch is less actively maintained — last commit was 228 days ago. It has 94 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for Mcp Snitch and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcp-snitch": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-snitch)](https://mcppedia.org/s/mcp-snitch)

Read me

What Mcp Snitch does

Security monitoring and access control for Model Context Protocol (MCP) servers

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

MCP Snitch

Security monitoring and access control for Model Context Protocol (MCP) servers

MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, and audit logging for AI tool usage.

Screenshots

Server Management

View and manage trusted MCP servers with automatic discovery of Claude Desktop and Cursor configurations

Automatic Server Discovery

Automatically scan and discover MCP servers from your AI tool configurations

Tool Approval System

Approve or block new tool calls with granular control - once, always, or never

Security Blocked Request

MCP Snitch blocks suspicious requests and provides clear feedback

Features

🔒 Security Monitoring

Real-time interception of stdio and HTTP MCP transports
AI-powered security analysis using GPT-3.5 for threat detection
Pattern-based detection for sensitive data (SSH keys, credentials, system files)
Audit logging with full request/response history

Comprehensive audit log showing all MCP tool calls with risk assessment and filtering

🛡️ GuardRails

Approve/Block mode - Manual approval for tool calls
Auto-approve trusted tools - Whitelist safe operations
Trust management - Per-server trust settings with database storage
Risk assessment - AI analysis of tool call intentions

Configure security policies including tool control modes and threat detection

Enable AI-powered security analysis with Claude or OpenAI

Customize the AI security analysis prompt for your specific needs

Manage whitelisted and blacklisted tools for automated control

🌐 Universal MCP Support

Stdio servers - npx, Docker, local binaries
HTTP servers - Remote MCP endpoints (GitHub MCP, etc.)
Session management - Automatic session ID handling
Keychain integration - Secure API key storage

Protect API keys by moving them to macOS Keychain for secure storage

📊 Monitoring

Live message viewer - See all MCP communications in real-time
Server discovery - Automatic detection of Claude Desktop & Cursor configs
Protection status - Visual indicators for monitored servers
Export logs - Full audit trail for compliance

Quick Start

For Users

Download the latest DMG from Releases
Install MCP Snitch by dragging to Applications
Launch and grant necessary permissions
Protect your MCP servers from the main interface

For Developers

# Clone the repository
git clone https://github.com/Adversis/mcp-snitch.git
cd mcp-snitch

# Build development version
./build.sh

# Run the app
./run.sh

See CONTRIBUTING.md for detailed setup instructions.

How It Works

MCP Snitch acts as a transparent proxy between AI applications (Claude Desktop, Cursor) and MCP servers:

Cursor → MCP Snitch Proxy → MCP Server
                      ↓
                Security Analysis
                Audit Logging
                GuardRails Enforcement

Stdio Proxy

Wraps command-based servers (npx, docker, local binaries)
Intercepts stdin/stdout for JSON-RPC analysis
Transparent to both client and server

HTTP Proxy

Local HTTP proxy for remote MCP servers
Manages session IDs automatically
Injects authentication headers from keychain

Security Analysis

MCP Snitch uses multiple layers of security anal

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

30/100across 5 weighted dimensions

How we score →

0255075100

−70

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Snitch safe to use?: Mcp Snitch has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install Mcp Snitch?: Mcp Snitch can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Mcp Snitch?: Mcp Snitch is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Snitch actively maintained?: Mcp Snitch is less actively maintained — last commit was 228 days ago. It has 94 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for Mcp Snitch and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?