Back to Browse
About
Security scanning and threat detection for AI agents
Security Report
4.2
Use Caution4.2High RiskThis is a security-focused MCP server with well-designed tools for detecting prompt injection, secrets, and misconfigurations. The server itself is implemented cleanly with proper input validation via Zod schemas. However, the lack of authentication on tool endpoints and a minor information disclosure risk in error handling lower the score slightly. Overall appropriate for its stated purpose. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
7 files analyzed · 12 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-mdfifty50-boop-agent-security": {
"args": [
"-y",
"agent-security-mcp"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Agent Security MCP Server
Security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows. Built on the Model Context Protocol (MCP).
Tools
| Tool | Description |
|---|---|
scan_mcp_config | Scan MCP server configurations for security issues (dangerous commands, exposed secrets, network exposure, container misconfigs) |
detect_prompt_injection | Analyze text for prompt injection attempts across 7 attack categories with context-aware risk scoring |
validate_scope_contract | Check if agent actions comply with scope contracts (tool allowlists, file access, boundary constraints) |
scan_secrets | Detect leaked API keys, tokens, private keys, database URIs, and credentials in text or code |
audit_agent_permissions | Audit agent configurations against role-based expectations and flag principle of least privilege violations |
generate_security_report | Generate comprehensive security assessment reports with prioritized remediation plans |
detect_tool_poisoning | Analyze MCP tool definitions for hidden instructions that could manipulate agent behavior (OWASP Agentic Top 10) |
Resources
| Resource | URI | Description |
|---|---|---|
| OWASP LLM Top 10 | security://owasp-llm-top10 | OWASP Top 10 for LLM Applications (2025) |
| MCP Security Checklist | security://mcp-security-checklist | Security checklist for MCP server deployments |
Installation
cd agent-security-mcp
npm install
Usage
As a standalone server
npm start
In Claude Desktop / MCP client configuration
{
"mcpServers": {
"agent-security": {
"command": "node",
"args": ["/path/to/agent-security-mcp/src/index.js"]
}
}
}
With npx (after publishing)
{
"mcpServers": {
"agent-security": {
"command": "npx",
"args": ["@asl-throne/agent-security-mcp"]
}
}
}
Detection Coverage
Prompt Injection (7 categories, 20+ patterns)
- Instruction Override -- "ignore previous instructions", "disregard all rules", "new instructions:"
- Identity Manipulation -- "you are now", "pretend you are", "act as", DAN/jailbreak
- System Prompt Extraction -- "repeat your system prompt", "show your instructions"
- Data Exfiltration -- "send this to", "post to webhook", "email everything to"
- Delimiter Attacks -- ```system, [INST], <|im_start|>system, XML tag injection
- Encoded Injection -- Base64 payloads, unicode zero-width characters, hex escapes
- Privilege Escalation -- "sudo mode", "disable safety", "bypass filters"
Secret Detection (25+ patterns)
- AI Provider Keys -- OpenAI (sk-), Anthropic (sk-ant-)
- Cloud Credentials -- AWS (AKIA*), GCP (AIza*), Azure connection strings
- Source Control -- GitHub PATs (ghp_, github_pat_), OAuth tokens (gho_*)
- Payment -- Stripe live/test keys (sk_live_, sk_test_)
- Communication -- Slack tokens/webhooks, Telegram bot tokens
- Database -- PostgreSQL, MongoDB, MySQL, Redis connection URIs
- Cryptographic -- RSA/EC/OpenSSH private keys, generic PEM blocks
- JWT -- JSON Web Tokens
- Generic -- api_key=, secret=, password=, .env file patterns
Permission Audit (6 role profiles)
- Researcher -- Read + search + web only
- Analyst -- Read + search only
- Developer -- Read + write + execute
- Reviewer -- Read only, no network
- Orchestrator -- Read + write + task spawning
- Monitor -- Read only, no network, no write
Pricing
| Plan | Price | Servers | Features |
|---|---|---|---|
| Free | $0 | 1 server | Single scan, basic report |
| Starter | $49/month | 3 servers | Continuous scanning, weekly reports |
| Pro | $199/month | 20 servers | Real-time alerts, CI/CD integration, Slack notifications |
| Enterprise | $799/month | Unlimited | Custom policies, EU AI Act compliance reporting, SSO, dedicated support |
Requirements
- Node.js >= 18.0.0
- @modelcontextprotocol/sdk >= 1.12.0
License
MIT
Reviews
No reviews yet
Be the first to review this server!
More Security MCP Servers
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
137
Stars
496
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
68
Installs
10.0
Security
4.6
Local
MarkItDown
Freeby Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
120.0K
Stars
24
Installs
6.0
Security
5.0
Local