mcp-audit

Know what your AI agents are exposed to.

mcp-audit is the open-source security scanner for MCP servers: the tools your AI agents use to touch your files, databases, and APIs. One command tells you what you're running, what it can do, and what to fix.

Install from PyPI · Browse 83 server verdicts
pip install mcp-audit-scanner
mcp-audit check

Three verbs.

Now

check

Scans every MCP config on your machine and gives you a grade, your top findings, and plain-English fixes. One command, one page.

mcp-audit check

After

fix

Applies the safe remediations back to your config files: secrets moved to environment variables, insecure URLs upgraded, typosquatted packages corrected. Dry-run by default.

mcp-audit fix

Coming soon

vet

Ask before you install. A verdict on any public MCP server: verification status, known CVEs, declared capabilities. The data is already live — the CLI lands next.

mcp-audit vet <server>

The numbers, from named sources.

40.55% of live remote MCP servers require no authentication at all — measured across 7,973 servers (arXiv 2605.22333).
mcp-audit flags this: finding AUTH-001.
12,520 MCP services exposed to the internet, most unauthenticated (Censys, June 2026).
NSA guidance, implemented. The NSA's MCP security advisory (May 2026) names tool-name collision and drift detection as recommended controls. mcp-audit ships both.
Ahead of the research. When Unit 42 (Palo Alto Networks) published the MCP sampling attack classes in June 2026, mcp-audit already detected them — the rules cite Unit 42's research by name.

Your configuration never leaves your machine.

mcp-audit runs entirely locally — no cloud account, no API key, no traffic through anyone's gateway. A plain scan makes zero network calls. That's not a setting; it's the architecture.

Put it where you already work.

GitHub Action

SARIF straight to the Security tab.

- uses: adudley78/mcp-audit@v1

Pre-commit hook

Blocks risky configs before they're committed.

repo: https://github.com/adudley78/mcp-audit
hooks: [id: mcp-audit]

VS Code & Cursor

Inline diagnostics as you edit your MCP config.

ext: mcp-audit

README badge

Show your server's verdict.

shields.io/endpoint?url=https://mcp-audit.dev/v1/badge/…

Open source, community-built detection.

Apache 2.0. Every feature, every user, no tiers. Detection rules are community-built — contribute one and your name ships in the changelog permanently. Write a rule · Sponsor the project