mcp-tool-auditor is an open-source command-line tool designed for security researchers to scan and pentest MCP servers. It provides both defensive scanning and offensive pentesting capabilities, mapping to the OWASP MCP Top 10. The tool helps identify and mitigate security vulnerabilities in AI and LLM-related infrastructures.
In the Security & compliance platforms space, mcp-tool-auditor takes a focused approach. It focuses on detecting and mitigating security vulnerabilities in MCP servers through automated scanning and pentesting. mcp-tool-auditor is an open-source project aimed at security researchers. The project is open source (MIT). It runs on the command line.
Perparim Mjeku builds and maintains mcp-tool-auditor, and the product first shipped in 2026. The project is developed in the open on GitHub with 78 commits in the last 90 days. Across PulseGate's embedding index, mcp-tool-auditor has few near neighbours, marking it as relatively distinct. Among its 6 catalogued features are defensive scanning, offensive pentesting, and OWASP MCP Top 10 mapping.
Latest indexed changes and source events
mcp-tool-auditor discovered by the PulseGate indexer
Other apps tracked under the same category.