mcp-risk-linter is an open-source CLI tool that analyzes MCP server tools for readiness and security risks, including authentication, filesystem, shell, and network vulnerabilities. Below are 39 code review & quality apps with similar functionality to mcp-risk-linter, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
Linter for MCP (Model Context Protocol) config files used by Claude Desktop, Cursor, Cline, Windsurf, and Zed. CLI + library API.
mcp-audits is an open-source CLI tool that scans, enumerates, and risk-scores permissions on locally configured MCP servers. It is designed for security engineers and AI infrastructure operators to ensure safe and compliant access control in AI systems.
Security scanner for MCP (Model Context Protocol) servers - pentest your AI agent's tool connections
mcp-audit-scanner is an open-source CLI tool designed to audit Model Context Protocol (MCP) server configurations for security and privacy vulnerabilities. It assists security engineers in identifying and mitigating risks in AI agent infrastructure.
mcp-strike is an open-source command-line tool designed for active, runtime adversarial testing of Model Context Protocol (MCP) servers. It helps security engineers and red teams identify vulnerabilities and weaknesses by simulating attacks and scanning for issues. The tool supports automated security assessments and is freely available under the MIT license.
Static analysis tool for MCP server Python code — detects security vulnerabilities via AST and taint tracking.
mcpolish is a command-line static linter for Model Context Protocol (MCP) servers. It helps developers catch vague, colliding, or misleading tool descriptions before AI agents interact with them, improving reliability and clarity in agentic workflows.
Security scanner for MCP servers — detect prompt injection, credential leaks, exposed endpoints, and tool poisoning
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
CI gate for MCP servers
mcp-bandit is an open-source command-line tool for scanning Model Context Protocol (MCP) servers for security vulnerabilities, including prompt injection and SSRF. It is designed for security engineers to audit and analyze MCP deployments.
Lookup MCP servers in the official MCP Registry by name or URL.
mcp-check-security is an open-source command-line tool that performs offline security checks on Model Context Protocol (MCP) server configurations. It helps developers and security engineers identify potential vulnerabilities and misconfigurations before deployment. The tool is designed for use in AI infrastructure environments.
AI-powered security vulnerability scanner for MCP (Model Context Protocol) servers with automatic fixes, secret detection, and multi-channel alerts
Simple MCP Client to quickly test and explore MCP servers from the command line
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
MCP server for LibreNMS management
Reconnaissance and known-issue scanner for Model Context Protocol (MCP) servers
eip-mcp is an open-source MCP server that delivers vulnerability and exploit intelligence for AI assistants. It supports the Model Context Protocol and is designed for integration into security and AI workflows. Distributed under the MIT license.
mcp-checkup is an open-source CLI utility that audits MCP server setups, measuring context tax and hygiene. It helps AI infrastructure engineers and developers ensure their Model Context Protocol servers are efficient and healthy by providing detailed health checks and token analysis.
guardmcp is an open-source CLI tool that scans MCP server configurations for security issues, including secrets, injection vulnerabilities, and authentication problems. It maps findings to the OWASP MCP Top 10, helping security engineers and DevOps teams secure their deployments.
mcpvet is an open-source CLI tool that combines testing, linting, and contract validation for MCP servers. It integrates with pytest and ESLint, streamlining the development and quality assurance process for developers working with the Model Context Protocol.
lm-mcp is an open-source MCP server that integrates LogicMonitor platform APIs with external systems. It provides an API gateway for monitoring and automation, targeting DevOps engineers and system integrators.
mcp-fence is an open-source CLI tool for security scanning, protocol inspection, dynamic fuzzing, and sandboxed testing of Model Context Protocol (MCP) servers. It helps AI infrastructure engineers identify vulnerabilities and generate security reports.
MCP server for Link local agent memory — remember, recall, search, context, and graph traversal
bash-vet-mcp is an open-source CLI tool and MCP server that analyzes and vets shell commands generated by LLMs before execution. It detects potentially destructive patterns and enforces security rules, helping developers and AI agent operators run automation safely.
Secure Model Context Protocol server for Rootly APIs with AI SRE capabilities, comprehensive error handling, and input validation
MCP Server bridging to LSP servers for structured code introspection
mcp-llm-eval is an open-source CLI tool and MCP server that packages LLM evaluation gates as reusable primitives for CI/CD workflows. It enables developers and ML engineers to automate and standardize the evaluation of large language models within their development pipelines. The tool supports benchmarking and integration with MCP for scalable model assessment.
Test your MCP server like you test an API — declarative YAML, CI-ready, zero boilerplate.
Kubernetes production-readiness auditor, exposed as an MCP server and CLI.
Agent complaint box — one-tool MCP for logging bugs and improvement requests
Turn any MCP server or OpenAPI spec into a CLI
mcp-agent-tester is an open-source tool for inspecting, testing, and running MCP servers and agents. It provides both a web UI and CLI, supports JSON trace export, and is designed for developers working with Model Context Protocol agents and infrastructure.
mcp-secrets-guard is an open-source CLI tool that scans projects for AI and MCP-related secrets to prevent leaks. It is designed for developers and security teams to audit codebases before deployment.
MCP server for Sentinel QA — manage test cases from any AI assistant
mcp-defense is a CLI tool for AI infrastructure engineers and security teams, providing kernel-native runtime defense for AI agents. It enforces MCP tool-call policies and correlates kernel events to secure agentic workloads such as Claude Code, Codex, and Devin.
mcp-base is an open-source CLI tool for setting up and managing Model Context Protocol (MCP) servers. It supports OIDC authentication with providers like Auth0, Dex, and Keycloak, and integrates with Kubernetes for scalable deployments.
mcpfuzz is an open-source command-line tool for dynamically scanning Model Context Protocol (MCP) servers. It actively probes live servers with exploit payloads to identify vulnerabilities, supporting security researchers and penetration testers in automating MCP server assessments.