mcpsec - Security Scanner for MCP Servers

🔍 Find security vulnerabilities in Model Context Protocol (MCP) servers before they find you.

Quick Start

Installation

cargo install mcpsec

Requirements:

• Rust 1.70.0 or higher
• Works on Linux, macOS, and Windows

Usage Options

🎨 Interactive TUI Mode (Recommended)

# Launch interactive interface
mcpsec tui

# Launch with target pre-selected
mcpsec tui ./my-mcp-server

📝 Traditional CLI Mode

# Scan local MCP server
mcpsec scan ./my-mcp-server

# Scan GitHub repository
mcpsec scan https://github.com/user/mcp-server

# Get JSON output for CI/CD
mcpsec scan ./server --output json --fail-below 70

Features

• 🎨 Interactive TUI - Beautiful terminal user interface with real-time navigation
• 🔍 Static Analysis - Detects security vulnerabilities without executing code
• 🎯 MCP-Specific - Understands MCP server patterns and common mistakes
• 📊 Risk Scoring - Clear 0-100 risk assessment with actionable recommendations
• 🖥️ Dual Interface - Both interactive TUI and traditional CLI modes
• 🔧 CI/CD Ready - JSON/SARIF output formats for automation
• ⚡ Fast - Scan typical MCP servers in seconds
• 🌍 MCP SDK Support - Python FastMCP and TypeScript/JavaScript MCP SDK
• 📱 Responsive Design - Adapts to different terminal sizes
• ⌨️ Keyboard Navigation - Intuitive vim-like shortcuts

Supported MCP SDKs

mcpsec currently supports MCP servers built with:

Note: For unsupported SDKs, mcpsec will still detect generic security issues (command injection, file operations, etc.) but may miss MCP-specific vulnerability patterns.

Security Checks

mcpsec detects these vulnerability categories:

MCP-Specific Vulnerabilities

Detected in Python FastMCP and TypeScript/JavaScript MCP SDK servers

General Vulnerabilities

Detected in all supported languages

Example Output

┌─ Security Assessment ────────────────────────────────┐
│            Overall Score: 15/100 (CRITICAL)         │
│                                                     │
│ 🔴 3 Critical Issues                                │
│ 🟠 2 High Issues                                    │
│ 🟡 1 Medium Issue                                   │
│                                                     │
│             ❌ DO NOT USE - Fix critical issues first │
└─────────────────────────────────────────────────────┘

🔴 CRITICAL: MCP Tool Command Injection in server.ts:52
   MCP tool 'execute-command' uses unsafe execSync() with user input
   
   Fix: Use subprocess with shell=False and validated arguments
   Ref: CWE-78, OWASP Command Injection

🟠 HIGH: MCP Resource Path Traversal in server.py:67
   Resource allows ../../../etc/passwd access via path parameter
   
   Fix: Validate paths with Path.resolve() and allowlists
   Ref: CWE-22, Path Traversal

🟠 HIGH: MCP Auth Bypass in config.ts:12
   DISABLE_AUTH=true exposes server without authentication
   
   Fix: Remove auth bypass flags and implement proper authentication
   Ref: CWE-306, Missing Authentication

TUI Interface

The interactive TUI provides:

• 📁 Welcome Screen - Project overview and quick actions
• 🎯 Target Selection - Browse and select MCP servers to scan
• ⚡ Live Scanning - Real-time progress with visual feedback
• 📋 Results Dashboard - Security assessment with color-coded findings
• 🔍 Finding Details - In-depth vulnerability analysis with fix suggestions
• 📚 Rules Browser - Explore and understand security rules
• ❓ Help System - Built-in keyboard shortcuts and documentation

TUI Navigation

• q or Esc - Quit/Go back
• ? or F1 - Toggle help
• ↑↓ or j/k - Navigate lists
• Enter - Select/Confirm
• Tab - Switch focus
• s - Start scan
• r - Browse rules/Rescan

CLI Commands

Interactive Mode

mcpsec tui                          # Launch TUI interface
mcpsec tui ./my-mcp-server          # Launch with target selected

Scanning

mcpsec scan ./my-mcp-server         # Basic scan with table output
mcpsec scan ./server --output json  # JSON output for CI/CD
mcpsec scan ./server --fail-below 80 # Exit with error if score < 80

Rule Management

mcpsec rules list                   # Show all available rules
mcpsec rules info mcp-tool-injection-001  # Rule details

Utilities

mcpsec doctor                       # System health check
mcpsec --version                    # Show version
mcpsec --help                       # Show help

Documentation

• 🔧 CLI Reference: Run mcpsec --help for full command reference
• 🛡️ Security Rules: Run mcpsec rules list to see all available rules
• 🏗️ Architecture: See CONTRIBUTING.md for development details

Contributing

We welcome contributions! Please see:

• 🤝 Contributing Guide
• 🐛 Issue Templates
• 🔒 Security Policy
• 📜 Code of Conduct

Quick Development Setup

git clone https://github.com/augmnt/mcpsec
cd mcpsec
cargo build
cargo test
cargo run -- scan examples/vulnerable-mcp-typescript

# Test with Python FastMCP example  
cargo run -- scan examples/vulnerable-mcp-python

Community & Support

• 💬 Discussions - Questions and ideas
• 🐛 Issues - Bug reports
• 🔒 Security - Vulnerability disclosure

Language Support

✅ Currently Supported

• Python (FastMCP) - Full MCP-specific security rules
• TypeScript/JavaScript (@modelcontextprotocol/sdk) - Full MCP-specific security rules

🔄 Roadmap

• Rust - Community MCP implementations
• Go - Community MCP implementations
• Java/Kotlin - Enterprise MCP servers
• C#/.NET - Enterprise MCP implementations

Want to contribute? See CONTRIBUTING.md for guidance on adding language support.

Risk Assessment Scale

License

Licensed under the MIT License.

Acknowledgments

• The MCP community for building awesome servers
• Security researchers who inspired this tool
• Contributors who make mcpsec better