mcp-audit

Know what your AI agents are exposed to.

mcp-audit is the open-source security scanner for MCP servers: the tools your AI agents use to touch your files, databases, and APIs. Three commands cover every moment — before, during, and after configuration.

pip install mcp-audit-scanner
mcp-audit vet <server>  # before you install
mcp-audit check          # after you configure
mcp-audit fix --apply    # fix what check finds

Three verbs.

Before you install

vet

One command, one second. Offline by default. Registry verification, known CVEs, declared capabilities, typosquat detection. The data behind this site, in your terminal.

mcp-audit vet @modelcontextprotocol/server-filesystem

After you configure

check

Scans every MCP config on your machine and gives you a grade, your top findings, and plain-English fixes. One command, one page.

mcp-audit check

After check

fix

Applies the safe remediations back to your config files: secrets moved to environment variables, insecure URLs upgraded, typosquatted packages corrected. Dry-run by default.

mcp-audit fix --apply
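
The kinds of findings that check reports and fix remediates, shown as an added sketch that is not mcp-audit's own code or rule logic: a dry-run planner over a constructed config in the common "mcpServers" layout. The name patterns, the loopback exemption, the issue labels and the function name plan_fixes are assumptions made for this example.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample config (not from the page); the key value is a dummy string.
SAMPLE_CONFIG = json.loads("""
{
  "mcpServers": {
    "files": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/srv/docs"]
    },
    "tickets": {
      "command": "node",
      "args": ["server.js"],
      "env": {"TICKETS_API_KEY": "EXAMPLE-not-a-real-key-0123456789", "LOG_LEVEL": "info"}
    },
    "search": {"url": "http://mcp.example.internal/sse"},
    "local": {"url": "http://127.0.0.1:8931/mcp"}
  }
}
""")

# Assumed heuristics for this example only.
SECRET_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD)", re.I)
ENV_REFERENCE = re.compile(r"^\$\{[^}]+\}$")  # value is already a ${...} placeholder
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def plan_fixes(config):
    """Return (server, issue, proposal) tuples; never modifies `config` (dry run)."""
    plan = []
    for name, server in sorted(config.get("mcpServers", {}).items()):
        # Literal credentials stored next to the server definition.
        for var, value in sorted(server.get("env", {}).items()):
            if SECRET_NAME.search(var) and value and not ENV_REFERENCE.match(value):
                plan.append((name, "literal-secret", f"move {var} out of the config file"))
        # Cleartext transport to a remote server; loopback endpoints are left alone.
        url = urlsplit(server.get("url", ""))
        if url.scheme == "http" and url.hostname not in LOOPBACK:
            plan.append((name, "insecure-url", "https" + server["url"][4:]))
    return plan

if __name__ == "__main__":
    for row in plan_fixes(SAMPLE_CONFIG):
        print(*row, sep="\t")
```
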

The numbers, from named sources.

40.55% of live remote MCP servers require no authentication at all — measured across 7,973 servers (arXiv 2605.22333).
mcp-audit flags this: finding AUTH-001.
12,520 MCP services exposed to the internet, most unauthenticated (Censys, June 2026).
NSA guidance, implemented. The NSA's MCP security advisory (May 2026) names tool-name collision and drift detection as recommended controls. mcp-audit ships both.
Ahead of the research. When Unit 42 (Palo Alto Networks) published the MCP sampling attack classes in June 2026, mcp-audit already detected them — the rules cite Unit 42's research by name.

Your configuration never leaves your machine.

mcp-audit runs entirely locally — no cloud account, no API key, no traffic through anyone's gateway. A plain scan makes zero network calls. That's not a setting; it's the architecture.

Put it where you already work.

GitHub Action

SARIF straight to the Security tab.

- uses: adudley78/mcp-audit@v1

Pre-commit hook

Blocks risky configs before they're committed.

repo: https://github.com/adudley78/mcp-audit
hooks: [id: mcp-audit]

VS Code & Cursor

Inline diagnostics as you edit your MCP config.

ext: mcp-audit

README badge

Embed your server's live verdict. Pulls from the same API this site serves.

![mcp-audit](https://img.shields.io/endpoint?url=https://mcp-audit.dev/v1/badge/npm/your-server.json)

Is your MCP server on the registry?

The 83 servers listed here are the ones mcp-audit can give a verdict on before install. Submit yours and server authors who install it get a verdict — and a badge — in return.


Open source, community-built detection.

Apache 2.0. Every feature, every user, no tiers. Detection rules are community-built — contribute one and your name ships in the changelog permanently.