MCPScan

Offensive MCP server auditor — detects tool poisoning, credential leaks, RCE vectors, SSRF, session hijacking, and supply chain vulnerabilities across stdio, HTTP, and SSE transports.

typescript by sahiloj ★ 8 Last commit: 1 month, 1 week ago

Links:

GitHub

Prompt Injection Risk Exfiltration Risk

◐

Assessed visibility — 4/3 applicable dimensions scored

✓ Schema Quality ✓ Protocol — Reliability ✓ Docs & Maintenance ✓ Security Hygiene — Schema Interpretability

Schema Quality

42% weight

Protocol Compliance

N/A

Local server

Reliability

N/A

Local server

Docs & Maintenance

25% weight

Security Hygiene

33% weight

Score History

Category Trends

Static Analysis

Metric	Score	Rating
Schema Completeness	80	Good
Description Quality	75	Good
Documentation Coverage	40	Fair
Maintenance Pulse	71	Good
Dependency Health	55	Fair
License Clarity	100	Good
Version Hygiene	80	Good

Analyzed 1 month, 1 week ago

Embed Badge

Add this to your README to display your MCP Scoreboard grade:

[![MCP Score](https://mcpscoreboard.com/badge/4d6248f3-8e46-47f6-9e96-017754381ca7.svg)](https://mcpscoreboard.com/server/4d6248f3-8e46-47f6-9e96-017754381ca7/)