mcp-config-audit is an open-source command-line tool that scans Model Context Protocol (MCP) configuration files for security issues. Below are 21 security & compliance platforms apps with similar functionality to mcp-config-audit, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
mcp-audits is an open-source CLI tool that scans, enumerates, and risk-scores permissions on locally configured MCP servers. It is designed for security engineers and AI infrastructure operators to ensure safe and compliant access control in AI systems.
mcp-audit-scanner is an open-source CLI tool designed to audit Model Context Protocol (MCP) server configurations for security and privacy vulnerabilities. It assists security engineers in identifying and mitigating risks in AI agent infrastructure.
mcp-checkup is an open-source CLI utility that audits MCP server setups, measuring context tax and hygiene. It helps AI infrastructure engineers and developers ensure their Model Context Protocol servers are efficient and healthy by providing detailed health checks and token analysis.
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
mcp-check-security is an open-source command-line tool that performs offline security checks on Model Context Protocol (MCP) server configurations. It helps developers and security engineers identify potential vulnerabilities and misconfigurations before deployment. The tool is designed for use in AI infrastructure environments.
Linter for MCP (Model Context Protocol) config files used by Claude Desktop, Cursor, Cline, Windsurf, and Zed. CLI + library API.
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
mcpscore is an open-source CLI tool that analyzes MCP servers for compliance, quality, and protocol validation. It generates comprehensive reports to help developers and administrators ensure their Model Context Protocol servers meet required standards.
mcp-strike is an open-source command-line tool designed for active, runtime adversarial testing of Model Context Protocol (MCP) servers. It helps security engineers and red teams identify vulnerabilities and weaknesses by simulating attacks and scanning for issues. The tool supports automated security assessments and is freely available under the MIT license.
mcp-surfaceprint is an open-source CLI tool that allows users to inspect what an MCP server exposes before connecting to it. It helps security engineers and AI infrastructure teams audit and verify server configurations for safe integration with agent systems.
mcp-bandit is an open-source command-line tool for scanning Model Context Protocol (MCP) servers for security vulnerabilities, including prompt injection and SSRF. It is designed for security engineers to audit and analyze MCP deployments.
Reconnaissance and known-issue scanner for Model Context Protocol (MCP) servers
mcpvet is an open-source CLI tool that combines testing, linting, and contract validation for MCP servers. It integrates with pytest and ESLint, streamlining the development and quality assurance process for developers working with the Model Context Protocol.
Security scanner for MCP (Model Context Protocol) servers - pentest your AI agent's tool connections
shieldclaw-mcp is an open-source CLI tool that acts as a permission layer for AI agent tool calls on Model Context Protocol (MCP) servers. It enables allow, deny, or ask policies with comprehensive audit logging, helping developers enforce security and compliance in AI agent infrastructure.
ai-agentic-mcpscan is an open-source command-line tool that provides local-first, offline-by-default security posture scanning for Model Context Protocol (MCP) and local-agent environments. It is intended for security engineers and teams managing agent-based infrastructures.
boxadm-mcp is an open-source MCP server designed for Box admin-log analytics, offering external-sharing visibility and read-only access for security auditing. It helps enterprise IT administrators monitor and analyze Box usage and sharing activities for compliance and security.
MCP Pre-Flight is a web-based tool that audits Model Context Protocol (MCP) server submissions for compatibility with Claude and OpenAI directories. It performs protocol checks, OAuth validation, and source code analysis to help developers ensure compliance before submission.
mcp-toolsmith is an open-source CLI utility for auditing and compiling Python tool schemas for use with LLM agents. It validates schemas against the Model Context Protocol, helping developers ensure compatibility and correctness before deployment.
mcpgawk is an open-source CLI tool for measuring and verifying MCP (Model Context Protocol) servers locally. It ensures no inventory data leaves the user's machine, providing security and transparency for AI infrastructure engineers and researchers. The tool is Apache-2.0 licensed.
mcp-risk-linter is an open-source CLI tool that analyzes MCP server tools for readiness and security risks, including authentication, filesystem, shell, and network vulnerabilities. It helps developers and DevOps teams ensure safer deployments.