Server data from the Official MCP Registry
Passive security scanner: audits MCP servers against the OWASP MCP Top 10, graded A-F.
Passive security scanner: audits MCP servers against the OWASP MCP Top 10, graded A-F.
mcp-scan is a well-architected security scanner for MCP servers with strong code quality, comprehensive OWASP MCP Top 10 coverage, and proper separation of concerns. Permissions align with its stated purpose (spawning stdio processes, making HTTP requests for scanning). Minor findings are low-severity code quality issues that do not materially impact security. Supply chain analysis found 5 known vulnerabilities in dependencies (2 critical, 3 high severity). Package verification found 1 issue.
7 files analyzed · 10 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-codingselim-mcp-scan": {
"args": [
"-y",
"owasp-mcp-scan"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.