MCPShield

Security scanner for MCP servers — detects tool poisoning, prompt injection, and 90+ vulnerability patterns

MCPShield CLI

Scan MCP servers and GitHub repositories for security vulnerabilities.

Powered by MCPShield — the MCP security scanner with 59+ detection rules covering the OWASP MCP Top 10.

Install

npm install -g mcpshield

Setup

Get a free API key at mcpshield.co/settings, then:

mcpshield auth mcp_sk_your_key_here

Usage

# Scan an HTTP MCP server
mcpshield scan --url https://mcp-server.example.com/mcp

# Scan a GitHub repository
mcpshield scan --github https://github.com/user/repo

# JSON output (for CI/CD)
mcpshield scan --url https://mcp-server.example.com/mcp --json

# Filter by severity
mcpshield scan --url https://mcp-server.example.com/mcp --severity high

Exit Codes

0 — Scan completed, no critical findings
1 — Error (invalid key, rate limit, scan failure)
2 — Scan completed with critical findings

Environment Variables

MCPSHIELD_API_KEY — API key (alternative to mcpshield auth)
MCPSHIELD_API_URL — Custom API endpoint (for self-hosted)

License

MIT

Related Servers

Scout Monitoring MCP

Put performance and error data directly in the hands of your AI assistant.

Alpha Vantage MCP Server

Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more

Gradio MCP Test

A Python-based MCP server that provides tools to get cat images, either as a direct PNG or a URL for Markdown display.

Remote MCP Server (Authless)

An example of a remote MCP server deployable on Cloudflare Workers, without authentication.

Session Continuity MCP Server

An MCP server for Claude Code CLI that provides persistent session management, entity tracking, and context preservation across development sessions.

XcodeMCP

An MCP server to control Xcode on macOS using JavaScript for Automation (JXA).

conKurrence

AI evaluation toolkit — measure inter-rater agreement (Fleiss' κ, Kendall's W) across multiple LLM providers

Forge

GPU kernel optimization - 32 swarm agents turn PyTorch into fast CUDA/Triton kernels on real datacenter GPUs with up to 14x speedup

llm-advisor-mcp

Real-time LLM/VLM model comparison with benchmarks, pricing, and personalized recommendations from 5 data sources. No API key required.

DHTMLX MCP Server

The DHTMLX MCP server provides real-time access to official docs and a smart RAG.

MCP Domain Availability Checker

Check domain availability directly from MCP clients using the Namecheap API.

Rippling MCP Server

Rippling HR/IT/Finance platform integration with 18 tools for managing employees, departments, payroll, benefits, time tracking, and company operations.

NotebookLM Web Importer

Import web pages and YouTube videos to NotebookLM with one click. Trusted by 200,000+ users.

Install Chrome Extension