Is PentestMCP safe to use?

PentestMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install PentestMCP?

PentestMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with PentestMCP?

PentestMCP is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Is PentestMCP actively maintained?

PentestMCP is actively maintained — last commit was 18 days ago. It has 55 GitHub stars.

PentestMCP

pentestMCP: AI-Powered Penetration Testing via MCP, an MCP designed for penetration testers.

ActiveNot tested

Security

★ 55GitHub

27DNo CVEsactive

Quick Install

{
  "mcpServers": {
    "pentestmcp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Setup guide

No install config available. Check the server's README for setup instructions.

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/pentestmcp)](https://mcppedia.org/s/pentestmcp)

Should you use this server?

pentestMCP: AI-Powered Penetration Testing via MCP, an MCP designed for penetration testers.

✓

Is it safe?

No package registry to scan.

No authentication — any process on your machine can connect.

License not specified.

✓

Is it maintained?

Last commit 18 days ago. 55 stars.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Score Breakdown

MCPpedia Score

Click each category to see evidence

27D

Last scored 23h ago

How we score →

Security

3/30

No known vulnerabilities.

○

Known CVEs — No package registry to scan

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability — Tool definitions stable

○

Dependency health — No package to analyze

✗

License — No license specified

○

Authentication — No authentication required

○

Frequently Asked Questions

Is PentestMCP safe to use?: PentestMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install PentestMCP?: PentestMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with PentestMCP?: PentestMCP is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.
Is PentestMCP actively maintained?: PentestMCP is actively maintained — last commit was 18 days ago. It has 55 GitHub stars.

PentestMCP

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Help improve this page

Reviews

Frequently Asked Questions

Similar servers

MCPpedia

io.github.xkumakichi/xaip-mcp-server

Ggmcp

Moltrust MCP Server

Discussion