mcp-secrets-guard is an open-source CLI tool that scans projects for AI and MCP-related secrets to prevent leaks. It is designed for developers and security teams to audit codebases before deployment. Below are 14 security & compliance platforms apps with similar functionality to mcp-secrets-guard, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
guardmcp is an open-source CLI tool that scans MCP server configurations for security issues, including secrets, injection vulnerabilities, and authentication problems. It maps findings to the OWASP MCP Top 10, helping security engineers and DevOps teams secure their deployments.
Security scanner for MCP servers — detect prompt injection, credential leaks, exposed endpoints, and tool poisoning
Security scanner for MCP (Model Context Protocol) servers - pentest your AI agent's tool connections
server-guardian-mcp is a proprietary MCP server that enables monitoring and management of remote Linux servers via SSH. It offers over 60 tools including health checks, anomaly detection, dashboards, compliance reporting, and integrations with incident management platforms, targeting DevOps teams and IT administrators.
mcp-audit-scanner is an open-source CLI tool designed to audit Model Context Protocol (MCP) server configurations for security and privacy vulnerabilities. It assists security engineers in identifying and mitigating risks in AI agent infrastructure.
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
Linter for MCP (Model Context Protocol) config files used by Claude Desktop, Cursor, Cline, Windsurf, and Zed. CLI + library API.
mcp-toolguard is a tool designed to monitor contracts, detect drift, and perform security checks for MCP servers in both continuous integration (CI) environments and production. It addresses the problem of silent breaking changes in MCP server contracts that can disrupt agent operations without triggering build failures or type-checking errors. By capturing a canonical snapshot of a server's tools, schemas, and capabilities, mcp-toolguard enables versioned contract management directly within a repository, using a deterministic hash to ensure consistency. The tool employs a single engine that operates across three layers: contract validation, drift detection, and security analysis. json file, which is committed and versioned with the codebase. Drift detection classifies every change as breaking, compatible, or suspicious, using semantic diffing rather than simple text comparison. This process highlights removals and type changes as breaking, additions as compatible, and changes to descriptive text as suspicious, identifying potential prompt-injection surfaces. Security checks are enforced through 15 rules targeting threats such as tool poisoning, credential-shaped parameters, cross-tool coercion, and hidden characters, with each finding accompanied by supporting evidence. mcp-toolguard integrates with CI pipelines through a GitHub Action and can be run via the command line interface. It supports scheduled checks and alerts in production, including notifications through Slack or webhooks. The tool validates server contracts against both the current and upcoming MCP specification versions, providing independent reports for each to anticipate future breaking changes. The baseline is the accepted state, and only new findings block CI or trigger production alerts. The platform offers a free tier that operates entirely offline, requiring no signup and minimal setup. mcp-toolguard is open source and distributed under the MIT license, with installation available via pip. It is suitable for teams managing MCP servers who need to ensure contract stability, detect unauthorized changes, and enforce security policies throughout the software lifecycle.
phi-guard-mcp is an open-source CLI tool and MCP server designed to detect, redact, and audit protected health information (PHI) in medical text before it is sent to AI agents. It helps healthcare developers and privacy engineers ensure HIPAA compliance and data privacy when integrating AI into medical workflows.
hexis-mcp-guard is an open-source command-line tool that scans Model Context Protocol (MCP) servers for security vulnerabilities. It checks for issues such as misconfigurations and exposed secrets, helping administrators secure their MCP deployments. Designed for security engineers and server admins.
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
mcp-risk-linter is an open-source CLI tool that analyzes MCP server tools for readiness and security risks, including authentication, filesystem, shell, and network vulnerabilities. It helps developers and DevOps teams ensure safer deployments.
mcp-check-security is an open-source command-line tool that performs offline security checks on Model Context Protocol (MCP) server configurations. It helps developers and security engineers identify potential vulnerabilities and misconfigurations before deployment. The tool is designed for use in AI infrastructure environments.
mcp-sudo is a command-line infrastructure tool that enables secure execution of sudo commands via an MCP server, featuring encrypted password storage. It is designed for system administrators and DevOps teams managing automated privileged operations.