Back to Browse
Free
Server data from the Official MCP Registry
Prompt injection detection, secret scanning, permission auditing
About
Prompt injection detection, secret scanning, permission auditing
Security Report
4.2
Use Caution4.2High RiskThis is a legitimate security-focused MCP server with well-intentioned functionality for scanning, auditing, and detecting security issues in agent workflows. The codebase is clean with proper input validation via Zod schemas and no malicious patterns. However, there are moderate concerns around incomplete secret masking in output, some edge cases in injection pattern detection, and minor error handling gaps that prevent a higher score. The server's permissions are appropriate for its security auditing purpose. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
7 files analyzed · 10 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-mdfifty50-boop-agent-security": {
"args": [
"-y",
"agent-security-mcp"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Agent Security MCP Server
Security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows. Built on the Model Context Protocol (MCP).
Tools
| Tool | Description |
|---|---|
scan_mcp_config | Scan MCP server configurations for security issues (dangerous commands, exposed secrets, network exposure, container misconfigs) |
detect_prompt_injection | Analyze text for prompt injection attempts across 7 attack categories with context-aware risk scoring |
validate_scope_contract | Check if agent actions comply with scope contracts (tool allowlists, file access, boundary constraints) |
scan_secrets | Detect leaked API keys, tokens, private keys, database URIs, and credentials in text or code |
audit_agent_permissions | Audit agent configurations against role-based expectations and flag principle of least privilege violations |
generate_security_report | Generate comprehensive security assessment reports with prioritized remediation plans |
detect_tool_poisoning | Analyze MCP tool definitions for hidden instructions that could manipulate agent behavior (OWASP Agentic Top 10) |
Resources
| Resource | URI | Description |
|---|---|---|
| OWASP LLM Top 10 | security://owasp-llm-top10 | OWASP Top 10 for LLM Applications (2025) |
| MCP Security Checklist | security://mcp-security-checklist | Security checklist for MCP server deployments |
Installation
cd agent-security-mcp
npm install
Usage
As a standalone server
npm start
In Claude Desktop / MCP client configuration
{
"mcpServers": {
"agent-security": {
"command": "node",
"args": ["/path/to/agent-security-mcp/src/index.js"]
}
}
}
With npx (after publishing)
{
"mcpServers": {
"agent-security": {
"command": "npx",
"args": ["@asl-throne/agent-security-mcp"]
}
}
}
Detection Coverage
Prompt Injection (7 categories, 20+ patterns)
- Instruction Override -- "ignore previous instructions", "disregard all rules", "new instructions:"
- Identity Manipulation -- "you are now", "pretend you are", "act as", DAN/jailbreak
- System Prompt Extraction -- "repeat your system prompt", "show your instructions"
- Data Exfiltration -- "send this to", "post to webhook", "email everything to"
- Delimiter Attacks -- ```system, [INST], <|im_start|>system, XML tag injection
- Encoded Injection -- Base64 payloads, unicode zero-width characters, hex escapes
- Privilege Escalation -- "sudo mode", "disable safety", "bypass filters"
Secret Detection (25+ patterns)
- AI Provider Keys -- OpenAI (sk-), Anthropic (sk-ant-)
- Cloud Credentials -- AWS (AKIA*), GCP (AIza*), Azure connection strings
- Source Control -- GitHub PATs (ghp_, github_pat_), OAuth tokens (gho_*)
- Payment -- Stripe live/test keys (sk_live_, sk_test_)
- Communication -- Slack tokens/webhooks, Telegram bot tokens
- Database -- PostgreSQL, MongoDB, MySQL, Redis connection URIs
- Cryptographic -- RSA/EC/OpenSSH private keys, generic PEM blocks
- JWT -- JSON Web Tokens
- Generic -- api_key=, secret=, password=, .env file patterns
Permission Audit (6 role profiles)
- Researcher -- Read + search + web only
- Analyst -- Read + search only
- Developer -- Read + write + execute
- Reviewer -- Read only, no network
- Orchestrator -- Read + write + task spawning
- Monitor -- Read only, no network, no write
Pricing
| Plan | Price | Servers | Features |
|---|---|---|---|
| Free | $0 | 1 server | Single scan, basic report |
| Starter | $49/month | 3 servers | Continuous scanning, weekly reports |
| Pro | $199/month | 20 servers | Real-time alerts, CI/CD integration, Slack notifications |
| Enterprise | $799/month | Unlimited | Custom policies, EU AI Act compliance reporting, SSO, dedicated support |
Requirements
- Node.js >= 18.0.0
- @modelcontextprotocol/sdk >= 1.12.0
License
MIT
Reviews
No reviews yet
Be the first to review this server!
More Security MCP Servers
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
114
Stars
404
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
55
Installs
10.0
Security
5.0
Local
MarkItDown
Freeby Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
89.9K
Stars
14
Installs
6.0
Security
5.0
Local