Scan configured MCP servers locally and generate inventory with risk scores.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "mcp-audit" MCP server from askskill: Run: claude mcp add 'io-github-saagpatel-mcp-audit' -- uvx mcp-audits
Scan all MCP servers configured on this machine. List their names, sources, connection methods, accessible capabilities, and assign high, medium, or low risk scores with reasons.
An inventory of MCP servers with config sources, permission scope, risk levels, and scoring rationale.
Identify the highest-risk MCP servers and explain which settings could cause sensitive data exposure, excessive permissions, or untrusted external access.
A list of high-risk servers with the specific triggers and security implications for each risk.
Based on the audit results, provide actionable hardening recommendations for each MCP server, prioritize them, and mark which fixes can be done immediately.
A prioritized remediation checklist including quick fixes and longer-term improvements.
Scan MCP servers for runtime, static, config, dependency, and compliance risks.
Scan MCP servers for common security risks and assign A-F grades.
Analyze MCP tool security risks, detect malicious behavior, and provide risk scores.
Get CVE-based security review prompts to find risky code vulnerabilities faster.
Scan remote MCP servers for protocol, security, and TLS issues.
Scan MCP servers and AI tools for risks with scoring and auto-protection.