mcp-surfaceprint is an open-source CLI tool that allows users to inspect what an MCP server exposes before connecting to it. Below are 10 security & compliance platforms apps with similar functionality to mcp-surfaceprint, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
mcp-tool-auditor is an open-source command-line tool designed for security researchers to scan and pentest MCP servers. It provides both defensive scanning and offensive pentesting capabilities, mapping to the OWASP MCP Top 10. The tool helps identify and mitigate security vulnerabilities in AI and LLM-related infrastructures.
mcp-audits is an open-source CLI tool that scans, enumerates, and risk-scores permissions on locally configured MCP servers. It is designed for security engineers and AI infrastructure operators to ensure safe and compliant access control in AI systems.
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
mcp-audit-scanner is an open-source CLI tool designed to audit Model Context Protocol (MCP) server configurations for security and privacy vulnerabilities. It assists security engineers in identifying and mitigating risks in AI agent infrastructure.
mcp-config-audit is an open-source command-line tool that scans Model Context Protocol (MCP) configuration files for security issues. It operates locally, requiring no account or network connection, and outputs results in SARIF format. Designed for developers and security engineers who need to audit MCP configs securely and efficiently.
mcp-checkup is an open-source CLI utility that audits MCP server setups, measuring context tax and hygiene. It helps AI infrastructure engineers and developers ensure their Model Context Protocol servers are efficient and healthy by providing detailed health checks and token analysis.
mcp-strike is an open-source command-line tool designed for active, runtime adversarial testing of Model Context Protocol (MCP) servers. It helps security engineers and red teams identify vulnerabilities and weaknesses by simulating attacks and scanning for issues. The tool supports automated security assessments and is freely available under the MIT license.
mcpscore is an open-source CLI tool that analyzes MCP servers for compliance, quality, and protocol validation. It generates comprehensive reports to help developers and administrators ensure their Model Context Protocol servers meet required standards.
Static analysis tool for MCP server Python code — detects security vulnerabilities via AST and taint tracking.