Security scanner for Model Context Protocol (MCP) servers. Finds vulnerabilities before attackers do.
```sh
# One-liner (macOS / Linux)
curl -fsSL https://install.mcpscanner.dev/install.sh | sh
```

The one-liner executes a remote script without giving you a chance to read it; if that is a concern, download `install.sh` first, inspect it, and then run it.

Other methods:

```sh
# Homebrew (macOS / Linux)
brew install mcpscanner/tap/mcpscanner

# From source (requires Go 1.24+)
go install github.com/mcpscanner/cli@latest

# Or download a binary directly from GitHub Releases
# https://github.com/mcpscanner/cli/releases

# Scoop (Windows)
scoop bucket add mcpscanner https://github.com/mcpscanner/scoop-bucket
scoop install mcpscanner
```

```sh
# Scan an MCP server
mcpscanner scan https://your-mcp-server.com/mcp

# JSON output
mcpscanner scan https://your-mcp-server.com/mcp --format json

# Save HTML report
mcpscanner scan https://your-mcp-server.com/mcp --format html --output report.html

# With auth token
mcpscanner scan https://your-mcp-server.com/mcp --token "sk-your-token"

# Interactive mode
mcpscanner scan --interactive

# Scan internal/private IPs (disabled by default for safety)
mcpscanner scan http://192.168.1.100:8080/mcp --allow-internal

# Scan a config file (Claude Desktop / Cursor format)
mcpscanner scan --config ~/.claude/claude_desktop_config.json

# Quiet mode (no progress spinner)
mcpscanner scan https://your-mcp-server.com/mcp --no-progress --format json
```

- Tool enumeration via JSON-RPC 2.0
- Filesystem, code execution, database, and network tool detection
- Path and URL parameter identification
- Input validation analysis (missing constraints)
- Excessive tool exposure (>20 tools)
- Unauthenticated access detection
- Default/weak credential testing (test, admin, password, etc.)
- Missing TLS (plain HTTP)
- CORS misconfiguration (wildcard, origin reflection)
- Path traversal (../../etc/passwd)
- Command injection (; id, | whoami)
- SQL injection (' OR '1'='1)
- SSRF (cloud metadata endpoints)
- Prompt injection reflection
- Burst request testing (20 rapid requests)
- SSRF guard blocks scanning internal IPs, loopback, link-local, and cloud metadata endpoints unless `--allow-internal` is passed
- Response size cap (10 MB)
- Tool count cap (500)
- No-redirect policy
- Defensive schema normalization
Score = 100 - (Critical x 40) - (High x 15) - (Medium x 5) - (Low x 1)
A = 90+ | B = 80+ | C = 70+ | D = 50+ | F = <50
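The reconnaissance items above (tool enumeration, category detection, path/URL parameter identification, missing input constraints, excessive tool exposure) and the scoring formula can be illustrated end to end. The following Go program is an added example written for this page, not code from the MCP Scanner project: it parses a constructed JSON-RPC 2.0 `tools/list` response, applies keyword heuristics, and scores the result. The keyword lists, the parameter-name hints, the severity assigned to each finding, and the floor at 0 are assumptions made here; the scanner's own rules are not published on this page.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
	"unicode"
)

// Tool holds the fields of an MCP tools/list entry that the heuristics inspect.
type Tool struct {
	Name        string          `json:"name"`
	Description string          `json:"description"`
	InputSchema json.RawMessage `json:"inputSchema"`
}

// Finding is one reported issue; Severity uses the README's four levels.
type Finding struct{ Severity, Tool, Detail string }

// Keyword lists, name hints and severities below are assumptions made for this
// example; the scanner's own rules are not published on the page.
var categories = map[string][]string{
	"filesystem":     {"file", "read", "write", "path", "directory"},
	"code execution": {"exec", "shell", "run", "command", "eval"},
	"database":       {"sql", "query", "db", "table"},
	"network":        {"fetch", "http", "url", "request"},
}
var constraintKeys = []string{"enum", "pattern", "format", "maxLength", "minLength", "minimum", "maximum"}

// classify returns the sorted categories whose keywords occur as whole words in
// the tool name or description (whole words stop "db" matching "feedback").
func classify(t Tool) []string {
	toks := map[string]bool{}
	for _, w := range strings.FieldsFunc(strings.ToLower(t.Name+" "+t.Description), func(r rune) bool { return !unicode.IsLetter(r) }) {
		toks[w] = true
	}
	var hits []string
	for cat, kws := range categories {
		for _, kw := range kws {
			if toks[kw] { hits = append(hits, cat); break }
		}
	}
	sort.Strings(hits)
	return hits
}

// containsAny reports whether s contains any of the given substrings.
func containsAny(s string, subs ...string) bool {
	for _, sub := range subs {
		if strings.Contains(s, sub) { return true }
	}
	return false
}

// paramFindings inspects one tool's inputSchema for path/URL parameters and
// for string parameters that carry no validation constraint at all.
func paramFindings(t Tool) []Finding {
	var schema struct {
		Properties map[string]map[string]json.RawMessage `json:"properties"`
	}
	if json.Unmarshal(t.InputSchema, &schema) != nil { return nil } // no usable schema
	names := make([]string, 0, len(schema.Properties))
	for name := range schema.Properties { names = append(names, name) }
	sort.Strings(names) // deterministic report order
	var out []Finding
	for _, name := range names {
		prop, lower := schema.Properties[name], strings.ToLower(name)
		if containsAny(lower, "path", "file", "dir") {
			out = append(out, Finding{"Low", t.Name, fmt.Sprintf("path parameter %q", name)})
		} else if containsAny(lower, "url", "uri", "host") {
			out = append(out, Finding{"Low", t.Name, fmt.Sprintf("URL parameter %q", name)})
		}
		constrained := false
		for _, k := range constraintKeys {
			if _, ok := prop[k]; ok { constrained = true }
		}
		if string(prop["type"]) == `"string"` && !constrained {
			out = append(out, Finding{"Low", t.Name, fmt.Sprintf("parameter %q has no validation constraints", name)})
		}
	}
	return out
}

// Analyze parses a raw JSON-RPC tools/list response and reports risky tool
// categories, parameter issues and excessive tool exposure (>20 tools).
func Analyze(raw []byte) ([]Finding, error) {
	var resp struct {
		Result struct{ Tools []Tool `json:"tools"` } `json:"result"`
	}
	if err := json.Unmarshal(raw, &resp); err != nil { return nil, err }
	var out []Finding
	if n := len(resp.Result.Tools); n > 20 {
		out = append(out, Finding{"Medium", "", fmt.Sprintf("excessive tool exposure: %d tools", n)})
	}
	for _, t := range resp.Result.Tools {
		for _, cat := range classify(t) {
			sev := "Medium"
			if cat == "code execution" { sev = "High" }
			out = append(out, Finding{sev, t.Name, "exposes a " + cat + " tool"})
		}
		out = append(out, paramFindings(t)...)
	}
	return out, nil
}

// Score applies the README formula (100 - 40C - 15H - 5M - 1L) and grade bands;
// clamping at 0 is an assumption, since the page states no floor.
func Score(fs []Finding) (int, string) {
	weights := map[string]int{"Critical": 40, "High": 15, "Medium": 5, "Low": 1}
	score := 100
	for _, f := range fs { score -= weights[f.Severity] }
	if score < 0 { score = 0 }
	for _, b := range []struct{ min int; grade string }{{90, "A"}, {80, "B"}, {70, "C"}, {50, "D"}} {
		if score >= b.min { return score, b.grade }
	}
	return score, "F"
}

// sampleToolsList is a constructed response for this example, not captured from any real server.
const sampleToolsList = `{"jsonrpc":"2.0","id":2,"result":{"tools":[
{"name":"read_file","description":"Read the contents of a file at the given path","inputSchema":{"type":"object","properties":{"path":{"type":"string","description":"Absolute path"}},"required":["path"]}},
{"name":"run_shell","description":"Execute a shell command on the host","inputSchema":{"type":"object","properties":{"command":{"type":"string"}}}},
{"name":"http_get","description":"Fetch a URL over HTTP","inputSchema":{"type":"object","properties":{"url":{"type":"string","format":"uri"}}}},
{"name":"get_weather","description":"Get the current weather for a city","inputSchema":{"type":"object","properties":{"city":{"type":"string","maxLength":64},"unit":{"type":"string","enum":["c","f"]}}}}
]}}`

func main() {
	findings, err := Analyze([]byte(sampleToolsList))
	if err != nil { panic(err) }
	for _, f := range findings { fmt.Printf("[%-6s] %-12s %s\n", f.Severity, f.Tool, f.Detail) }
	fmt.Println(Score(findings))
}
```

On the constructed sample the program reports one High (the shell tool), two Medium (a filesystem and a network tool) and four Low findings, which the formula turns into 71 and a C; `get_weather`, whose inputs are bounded by `maxLength` and `enum`, produces nothing. Whole-word keyword matching and sorted property names keep the report stable between runs.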
| Format | Flag | Description |
|---|---|---|
| Text | `--format text` | Human-readable terminal output (default) |
| JSON | `--format json` | Structured JSON for CI/CD integration |
| HTML | `--format html` | Standalone HTML report with dark theme |
| Flag | Short | Default | Description |
|---|---|---|---|
| `--format` | `-f` | `text` | Output format: `text`, `json`, `html` |
| `--output` | `-o` | stdout | Write report to file |
| `--timeout` | `-t` | `60` | HTTP timeout in seconds |
| `--token` | | | Auth token (sent as `Bearer`) |
| `--config` | `-c` | | Scan MCP server config file (`mcpServers` JSON) |
| `--no-progress` | | `false` | Disable live progress display |
| `--interactive` | `-i` | `false` | Interactive mode |
| `--allow-internal` | | `false` | Allow scanning private IPs |

A token passed with `--token` is visible to other local users in the process list and is usually recorded in shell history, so use a short-lived token with the minimum scope the scan needs.
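The SSRF guard, no-redirect policy and 10 MB response cap from the feature list, together with the `--allow-internal` override, describe a target-validation layer that any scanner of this kind needs. The Go code below is an added example written for this page, not the MCP Scanner project's own implementation; the function names `CheckTarget`, `NewClient` and `ReadCapped` are this example's own. It rejects loopback, link-local (which covers the 169.254.169.254 cloud metadata address), private and unspecified addresses, and it repeats that check inside the dialer so a hostname that resolves to a public address during validation and to an internal one at connect time is still refused.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/url"
	"syscall"
	"time"
)

const maxResponseBytes = 10 << 20 // 10 MB response cap, matching the README

// ErrInternalTarget is returned when a target resolves to a non-public address.
var ErrInternalTarget = errors.New("target resolves to an internal address (pass --allow-internal to scan it)")

// isInternal covers loopback, link-local (including 169.254.169.254), the
// RFC 1918 and IPv6 ULA private ranges, and unspecified addresses.
func isInternal(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() ||
		ip.IsPrivate() || ip.IsUnspecified()
}

// CheckTarget validates the scheme and resolves the host before any request is sent.
// allowInternal corresponds to the --allow-internal flag.
func CheckTarget(rawURL string, allowInternal bool) error {
	u, err := url.Parse(rawURL)
	if err != nil { return err }
	if u.Scheme != "http" && u.Scheme != "https" { return fmt.Errorf("unsupported scheme %q", u.Scheme) }
	host := u.Hostname()
	if host == "" { return errors.New("missing host") }
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil { // not an IP literal: resolve it (needs DNS)
		if ips, err = net.LookupIP(host); err != nil { return err }
	}
	for _, ip := range ips {
		if !allowInternal && isInternal(ip) {
			return fmt.Errorf("%w: %s -> %s", ErrInternalTarget, host, ip)
		}
	}
	return nil
}

// NewClient builds an http.Client with the README's safety properties: a timeout,
// no redirects, and a dialer that re-checks the address actually being connected
// to, so DNS rebinding between CheckTarget and the request cannot reach an internal host.
func NewClient(timeout time.Duration, allowInternal bool) *http.Client {
	dialer := &net.Dialer{
		Timeout: timeout,
		Control: func(network, address string, _ syscall.RawConn) error {
			host, _, err := net.SplitHostPort(address)
			if err != nil { return err }
			if ip := net.ParseIP(host); ip != nil && !allowInternal && isInternal(ip) {
				return fmt.Errorf("%w: dial to %s refused", ErrInternalTarget, ip)
			}
			return nil
		},
	}
	return &http.Client{
		Timeout:   timeout,
		Transport: &http.Transport{DialContext: dialer.DialContext},
		// Never follow redirects: a public host could otherwise bounce the scanner to an internal one.
		CheckRedirect: func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse },
	}
}

// ReadCapped reads a response body but refuses anything larger than the cap,
// reading one extra byte so an oversized body is detected rather than silently truncated.
func ReadCapped(r io.Reader) ([]byte, error) {
	data, err := io.ReadAll(io.LimitReader(r, maxResponseBytes+1))
	if err != nil { return nil, err }
	if len(data) > maxResponseBytes { return nil, fmt.Errorf("response exceeds %d-byte cap", maxResponseBytes) }
	return data, nil
}

func main() {
	for _, target := range []string{
		"http://192.168.1.100:8080/mcp",
		"http://169.254.169.254/latest/meta-data/",
		"http://[::1]:8080/mcp",
		"http://203.0.113.10/mcp", // TEST-NET-3 documentation address standing in for a public host
	} {
		fmt.Printf("%-42s allowed=%v\n", target, CheckTarget(target, false) == nil)
	}
	_ = NewClient(60*time.Second, false) // use with CheckTarget before each request; bodies go through ReadCapped
}
```

Validating the URL once is not enough on its own, which is why the dialer's `Control` hook repeats the address check: the pre-flight lookup and the connection's lookup are separate DNS queries, and an attacker-controlled name can answer them differently. Redirects are refused for the same reason, since a 302 from a public server is another way to steer a request at 127.0.0.1 or the metadata service.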
```sh
# Run tests
go test ./...

# Run tests with race detector
go test -race ./...

# Build
go build -o mcpscanner .

# Vet
go vet ./...
```

Apache 2.0 — see LICENSE.
MCP Scanner CLI is the open-source command-line interface for MCP Scanner, built by codelake Technologies LLC (an Akyros Labs brand).
Visit mcpscanner.dev.