MCP Marketplace

Bawbel MCP Server

by Bawbel
Developer Tools · Use Caution · 4.2 · MCP Registry · Local
Free

Server data from the Official MCP Registry

Scan MCP servers and skill files for AVE vulnerabilities. Conformance scoring and threat intel.


Security Report

4.2 · Use Caution · High Risk

Bawbel MCP is a security scanner tool with an appropriate authentication model and reasonable code quality. It delegates dangerous operations (subprocess, file I/O, network access) to an external CLI tool, which limits direct code execution risk. However, there are concerns around subprocess safety patterns, error handling edge cases, and input validation that warrant attention. The server's permissions align well with its security-focused purpose. Supply chain analysis found 3 known vulnerabilities in dependencies (1 critical, 1 high severity). Package verification found 1 issue.

4 files analyzed · 12 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

HTTP Network Access

Connects to external APIs or services over the internet.

process_spawn

Check that this permission is expected for this type of plugin.

env_vars

Check that this permission is expected for this type of plugin.

system_info

Check that this permission is expected for this type of plugin.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-bawbel-bawbel-mcp": {
      "args": [
        "bawbel-mcp"
      ],
      "command": "uvx"
    }
  }
}

Documentation

From the project's GitHub README.

Bawbel MCP Server

Security scanner for MCP servers and agentic AI components, exposed as MCP tools.

Bawbel MCP Server lets any MCP-compatible agent scan servers, check skill files, score conformance, manage justified suppressions, and query the AVE threat intelligence database mid-conversation.

Install

pip install bawbel-mcp

Or with all detection engines (YARA, Semgrep, LLM, Magika, Sandbox):

pip install "bawbel-mcp[all]"

Tools

| Tool | Description |
| --- | --- |
| scan_content | Scan raw text content for AVE vulnerabilities |
| scan_server_card | Fetch and scan an MCP server-card before connecting |
| scan_creds | Credential-focused scan (API keys, tokens, passwords, private keys) |
| scan_chain | Delegation chain scan (unsafe sub-agent spawning and inherited permissions) |
| check_conformance | Score a server manifest against the MCP spec (18 checks, A+ to F) |
| accept_finding | Insert a justified suppression with reason, reviewer, and optional expiry |
| lookup_ave | Get a full AVE record by ID with remediation guidance |
| search_ave | Search AVE records by keyword |
| list_ave | List all AVE records with optional severity/category filters |
| check_pins | Detect rug pull drift in a directory of skill files |

Resources

| Resource | Description |
| --- | --- |
| ave://stats | Current AVE database statistics |
| ave://record/{ave_id} | Full AVE record for a specific ID |

Usage

Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "bawbel": {
      "command": "uvx",
      "args": ["bawbel-mcp"]
    }
  }
}

Claude Code

claude mcp add bawbel uvx bawbel-mcp

Cursor / Windsurf

Add to your MCP settings:

{
  "bawbel": {
    "command": "uvx",
    "args": ["bawbel-mcp"]
  }
}

Remote deployment (Streamable HTTP)

uvx bawbel-mcp --transport streamable-http --host 0.0.0.0 --port 8000
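
An added example (not from the Bawbel project or this listing): a small Python audit of the MCP client config layouts shown above, flagging launcher entries that run an unpinned package and entries that pass a wildcard `--host`. The function names, the issue labels and the remote-style config entry are assumptions made for illustration; the pinned sample reuses the version number shown in this listing's Details.

```python
import json

LAUNCHERS = {"uvx", "npx"}            # resolve a package from a registry at every start
WILDCARD_HOSTS = {"0.0.0.0", "::"}    # listen on every network interface

def is_pinned(spec):
    """True for 'pkg@1.2.3' or 'pkg==1.2.3'; '@latest' and npm scopes are not pins."""
    for sep in ("==", "@"):
        head, found, version = spec.rpartition(sep)
        if found and head and version and version != "latest":
            return True
    return False

def audit(config_text):
    """Return sorted (server_name, issue) tuples for one MCP client config."""
    config = json.loads(config_text)
    # Claude Desktop wraps entries in "mcpServers"; the Cursor / Windsurf snippet does not.
    servers = config.get("mcpServers", config)
    findings = []
    for name, entry in servers.items():
        if not isinstance(entry, dict):
            continue
        args = [str(a) for a in entry.get("args", [])]
        command = str(entry.get("command", "")).rsplit("/", 1)[-1]
        if command in LAUNCHERS:
            # Heuristic: the first non-flag argument names the package to run.
            package = next((a for a in args if not a.startswith("-")), None)
            if package and not is_pinned(package):
                findings.append((name, "unpinned-package"))
        if "--host" in args[:-1] and args[args.index("--host") + 1] in WILDCARD_HOSTS:
            findings.append((name, "binds-all-interfaces"))
    return sorted(findings)

# Constructed samples: the page's own entry, a pinned variant, a remote-style entry.
AS_PUBLISHED = '{"mcpServers": {"bawbel": {"command": "uvx", "args": ["bawbel-mcp"]}}}'
PINNED = '{"bawbel": {"command": "uvx", "args": ["bawbel-mcp@1.1.0"]}}'
REMOTE = json.dumps({"mcpServers": {"bawbel-http": {"command": "uvx", "args": [
    "bawbel-mcp", "--transport", "streamable-http", "--host", "0.0.0.0", "--port", "8000"]}}})

if __name__ == "__main__":
    for label, text in (("as published", AS_PUBLISHED), ("pinned", PINNED), ("remote", REMOTE)):
        print(label, audit(text))
```

An unpinned launcher entry means the code that runs with the permissions listed in this report can change between client restarts, and a wildcard host exposes the server's tools to every network the machine is attached to.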

Example conversations

Scan a server before connecting:

"Before I add this MCP server to my config, scan it for security issues: https://api.some-mcp-server.com"

Claude calls scan_server_card("https://api.some-mcp-server.com") and reports findings with AVE IDs, AIVSS severity scores, and remediation steps.

Check a skill file:

"Check this skill file content for prompt injection vulnerabilities"

Claude calls scan_content(content) and returns findings including any toxic flow chains detected.

Check for hardcoded credentials:

"Does this skill file contain any hardcoded API keys or secrets?"

Claude calls scan_creds(content) and returns credential findings only.

Check for unsafe delegation:

"Does this skill spawn sub-agents without proper trust boundaries?"

Claude calls scan_chain(content) and returns delegation chain findings.

Accept a false positive:

"Mark AVE-2026-00001 on line 7 of travel.md as a false positive. Reason: internal registry endpoint, not attacker-controlled."

Claude calls accept_finding(...) and writes the justified suppression comment directly into the file. The approval is tracked in version control.

Score a server against the spec:

"Does this server follow the MCP spec? https://api.some-mcp-server.com"

Claude calls check_conformance("https://api.some-mcp-server.com") and returns a score, grade, and list of failed checks.

Look up a vulnerability:

"What is AVE-2026-00041 and how do I fix it?"

Claude calls lookup_ave("AVE-2026-00041") and returns the full record with behavioral fingerprint, IOCs, and remediation steps.

Search for relevant vulnerabilities:

"What AVE records cover credential exfiltration?"

Claude calls search_ave("credential exfiltration") and returns matching records with AIVSS scores and OWASP MCP categories.

Audit mode - see all findings including suppressed:

"Scan this file and show me everything, including suppressed findings."

Claude calls scan_content(content, no_ignore=True) and bypasses all suppression layers.


Requirements

  • Python 3.10+
  • bawbel-scanner>=1.2.2 (installed automatically)
  • fastmcp>=3.0.0 (installed automatically)

The bawbel CLI must be available in PATH. Installing bawbel-mcp installs bawbel-scanner which provides the bawbel CLI.


Related

  • bawbel-scanner - CLI scanner
  • bawbel/ave - AVE standard and records
  • api.piranha.bawbel.io - Threat intel API
  • bawbel.io/docs - Full documentation

Apache 2.0. Built by Bawbel.

Details

Published May 6, 2026
Version 1.1.0
0 installs
Local Plugin

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Stars: 80.0K · Installs: 4 · Security: 5.3 · No ratings yet · Local

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Stars: 137 · Installs: 519 · Security: 8.0 · Rating: 4.8 · Local

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Stars: - · Installs: 73 · Security: 10.0 · Rating: 4.6 · Local

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

Stars: 156.1K · Installs: 35 · Security: 6.0 · Rating: 5.0 · Local

FinAgent

Free

by mcp-marketplace · Finance

Free stock data and market news for any MCP-compatible AI assistant.

Stars: - · Installs: 20 · Security: 10.0 · No ratings yet · Local

mcp-creator-typescript

Free

by mcp-marketplace · Developer Tools

Scaffold, build, and publish TypeScript MCP servers to npm — conversationally

Stars: - · Installs: 18 · Security: 10.0 · Rating: 5.0 · Local