mcp-toolguard is an open-source CLI tool for contract testing, drift detection, and security checks on MCP servers. Below are 18 testing & qa apps with similar functionality to mcp-toolguard, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
guardmcp is an open-source CLI tool that scans MCP server configurations for security issues, including secrets, injection vulnerabilities, and authentication problems. It maps findings to the OWASP MCP Top 10, helping security engineers and DevOps teams secure their deployments.
hexis-mcp-guard is an open-source command-line tool that scans Model Context Protocol (MCP) servers for security vulnerabilities. It checks for issues such as misconfigurations and exposed secrets, helping administrators secure their MCP deployments. Designed for security engineers and server admins.
mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.
mcpvet is an open-source CLI tool that combines testing, linting, and contract validation for MCP servers. It integrates with pytest and ESLint, streamlining the development and quality assurance process for developers working with the Model Context Protocol.
mcp-check-security is an open-source command-line tool that performs offline security checks on Model Context Protocol (MCP) server configurations. It helps developers and security engineers identify potential vulnerabilities and misconfigurations before deployment. The tool is designed for use in AI infrastructure environments.
server-guardian-mcp is a proprietary MCP server that enables monitoring and management of remote Linux servers via SSH. It offers over 60 tools including health checks, anomaly detection, dashboards, compliance reporting, and integrations with incident management platforms, targeting DevOps teams and IT administrators.
mcp-strike is an open-source command-line tool designed for active, runtime adversarial testing of Model Context Protocol (MCP) servers. It helps security engineers and red teams identify vulnerabilities and weaknesses by simulating attacks and scanning for issues. The tool supports automated security assessments and is freely available under the MIT license.
mcp-secrets-guard is an open-source CLI tool that scans projects for AI and MCP-related secrets to prevent leaks. It is designed for developers and security teams to audit codebases before deployment.
threatlocker-mcp is an open-source MCP server that integrates with the ThreatLocker Portal API, enabling developers and security engineers to automate endpoint protection and security workflows. It supports CLI and API-based operations.
mcp-checkup is an open-source CLI utility that audits MCP server setups, measuring context tax and hygiene. It helps AI infrastructure engineers and developers ensure their Model Context Protocol servers are efficient and healthy by providing detailed health checks and token analysis.
mcp-audits is an open-source CLI tool that scans, enumerates, and risk-scores permissions on locally configured MCP servers. It is designed for security engineers and AI infrastructure operators to ensure safe and compliant access control in AI systems.
Security scanner for MCP servers — detect prompt injection, credential leaks, exposed endpoints, and tool poisoning
covenant-mcp is an open-source CLI tool that lints contracts for MCP (Model Context Protocol) servers, helping developers catch breaking schema changes before deployment. It is designed for teams building agent infrastructure and tools using MCP.
mcp-builder-toolkit is an open-source CLI utility that generates Python MCP server projects based on manifest files. It streamlines the process of creating readable and tested server code, making it easier for developers to scaffold and maintain MCP-compliant services.
mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.
shieldclaw-mcp is an open-source CLI tool that acts as a permission layer for AI agent tool calls on Model Context Protocol (MCP) servers. It enables allow, deny, or ask policies with comprehensive audit logging, helping developers enforce security and compliance in AI agent infrastructure.
phi-guard-mcp is an open-source CLI tool and MCP server designed to detect, redact, and audit protected health information (PHI) in medical text before it is sent to AI agents. It helps healthcare developers and privacy engineers ensure HIPAA compliance and data privacy when integrating AI into medical workflows.
mcp-defense is a CLI tool for AI infrastructure engineers and security teams, providing kernel-native runtime defense for AI agents. It enforces MCP tool-call policies and correlates kernel events to secure agentic workloads such as Claude Code, Codex, and Devin.