Scan MCP server configs for injections, secrets, and dangerous commands.
Overall this appears to be a local security-scanning MCP tool with no visible secrets, remote endpoints, or clear exfiltration red flags. The main concern is local code execution, which is a normal capability for this class of tool; open-source MIT licensing lowers supply-chain risk, though the very low adoption suggests some caution.
No keys, tokens, or other sensitive credentials are indicated in the materials, and no credential misuse or leakage signals are present.
No remote host endpoints are declared, and there is no description of sending user data to third-party services.
The system check marks executes-code, meaning it can execute code or spawn processes locally; this is common for a scanner, but its execution scope and input trust boundaries still need attention.
Its purpose is to scan MCP server configurations and produce reports, implying read access to local configs and related text/files; no sign of overbroad access beyond what scanning requires.
It comes from a third-party registry, but the repository is open-source under MIT and auditable; however, 0 stars and unknown maintenance reduce confidence, so it should not be rated fully safe.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "aster-guard" yet — see the docs or source repo.
Use aster-guard to scan this MCP server config for prompt injection, hardcoded secrets, and dangerous commands, then provide a risk score and remediation advice: {{config}}A risk score, issue list, severity levels, and remediation advice
Before connecting an AI coding assistant, quickly check whether the following MCP config has security issues and highlight high-risk items: {{config}}A go/no-go conclusion and a summary of high-risk items
Audit the following multiple MCP server configs in bulk, identify injection risks, secret exposure, and dangerous commands, and rank them by risk: {{config list}}Per-config audit results, overall risk ranking, and a prioritized fix list
Scan text and URLs for prompt injection risks in AI agents.
Scan AI agents, MCP servers, and skills for security risks.
Scan MCP servers and AI tools for risks with scoring and auto-protection.
Analyze AI security, scan vulnerabilities, and monitor code leaks efficiently.
Scan MCP servers for runtime, static, config, dependency, and compliance risks.
Scan configured MCP servers locally and generate inventory with risk scores.