PulseGatePost-LLM software, agents & workflows market (since 2022)
Coverage
168,365

Apps indexed

 

Freshness
4 min ago

Last update

 

Cadence
1,498/day

7-day average

Indexed today: 995

PulseGate

Market catalog for public software products, models, infra, and workflow tools.

Software is shipping faster than ever, and a growing share of it lives outside the official app stores. PulseGate is a free public catalog — built for builders, analysts, and everyday users.

Platform

  • All Apps
  • Categories
  • Industry Updates
  • Data Sources
  • Coverage Rules
  • Glossary
  • Embed Widget

Support

  • Help Center
  • Submit a Project
  • Report an Issue

Company

  • About
  • Press & Data
  • Contact
  • Platform Status

Legal

  • Privacy
  • Terms
  • Disclaimer

© 2026 PulseGate. Operated by Dymaxio s.r.o., Prague, Czech Republic.·

All systems operational
  1. Home/
  2. ShieldMCP/
  3. Alternatives

ShieldMCP Alternatives

ShieldMCP is a security scanner designed to assess MCP (Model Context Protocol) configuration files for vulnerabilities and risks. Below are 16 security & compliance platforms apps with similar functionality to ShieldMCP, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.

  • MCPShield Agent
    pypi.org

    MCPShield Agent is a Python-based security platform designed to discover, monitor, and assess the risk of MCP servers within an organization. It addresses the challenge of shadow AI infrastructure, where unauthorized or unmonitored MCP servers may expose sensitive data through misconfigured access to databases, file systems, and APIs. The tool is intended for security teams and organizations seeking to gain visibility into MCP server deployments and reduce the risk of credential exposure, compliance violations, and data breaches arising from AI assistants like Claude and ChatGPT accessing critical systems. The platform operates by deploying a lightweight agent on endpoints, which scans for MCP configurations across environments such as Claude Desktop, Cursor, VS Code, and custom setups. It supports Windows, macOS, and Linux, and can be installed via PyPI using a pip command. The agent automatically discovers all MCP servers on a machine, analyzes their configurations, and calculates a risk score from 0 to 100 for each server based on factors like database access patterns, sensitive environment variables, file system permissions, and the presence of plaintext credentials or API tokens. Risk findings are categorized by severity (Critical, High, Medium, Low) and are surfaced immediately in a web-based dashboard, providing detailed breakdowns of each risk factor and enabling teams to prioritize remediation efforts. MCPShield Agent offers on-demand scanning, allowing users to generate a complete inventory of MCP servers at any time, with results uploaded to the dashboard. The platform also features live activity timelines, instant alerts for high-risk configurations, and the ability to embed dynamic risk score badges in internal documentation. Scheduled scanning, change tracking, Slack and webhook integrations, and a badge embed API are noted as upcoming features. For developers, MCPShield integrates into CI pipelines, automatically risk-scoring pull requests that modify MCP configurations, with a GitHub Action available for streamlined workflow integration. The tool provides a free tier and is open source under the MIT license, emphasizing privacy by never capturing credential values. No signup is required for certain scanning features, and the agent can be used without an API key in CI environments. MCPShield Agent positions itself as a privacy-first, compliance-aware solution for organizations seeking complete visibility over their AI-connected infrastructure.

  • mcp-security-scan
    pypi.org

    mcp-security-scan is an open-source CLI tool that scans MCP servers for hardcoded secrets, unsafe execution, and missing authentication. It helps developers and security engineers identify and remediate vulnerabilities in their MCP infrastructure.

  • RelayShield MCP
    relayshield.net

    RelayShield MCP is a security monitoring platform designed to address the risks that arise after personal or business data has been exposed in a breach. The tool specifically focuses on the attack chain that follows a data leak, such as SIM swap attacks, session hijacking, and infostealer malware infections, which can compromise two-factor authentication and lead to financial loss. RelayShield provides real-time monitoring for breaches, SIM/eSIM swaps, infostealer malware activity, session hijacking, and suspicious SMS or smishing attempts. The platform delivers alerts and remediation guidance through conversational channels, notably WhatsApp and Telegram. Users receive instant notifications with severity scoring, infection dates, device information, and credential exposure details. RelayShield guides users through remediation steps, including device isolation and password changes, and tracks progress until protection is restored. Additional features include an email security sweep to close backdoors, instant file and link scanning for threats, vishing preparedness, and audits of connected third-party apps with access to Google and Microsoft accounts. The system also offers active session audits and revocation, as well as domain monitoring for business users. RelayShield is available to individuals, families, sole proprietors, freelancers, and business teams. Plans range from personal protection to business-oriented tiers with features such as domain monitoring, contractor and employee seats, team seat management, quarterly sweep reminders, and monthly security digests. The service requires WhatsApp for onboarding and alerts, and provides an official Telegram bot for notifications. For security teams and enterprise integration, RelayShield offers a REST API suitable for SOAR playbooks, SIEM enrichment, and incident response workflows, with pay-as-you-go and subscription pricing models. The intelligence pipeline monitors criminal Telegram channels in real time, surfacing indicators of compromise before they appear in public databases. RelayShield MCP positions itself as a solution for monitoring the full lifecycle of post-breach threats, providing actionable alerts and remediation guidance through widely used messaging platforms.

  • shieldbot-mcp
    github.com

    AI-powered security code review MCP server for Claude Code — combines CodeQL, Semgrep (5,000+ rules), bandit, detect-secrets, Dependabot CLI, osv-scanner, Trivy (Docker image scanning), pip-audit, and npm-audit

  • guardmcp
    github.com

    guardmcp is an open-source CLI tool that scans MCP server configurations for security issues, including secrets, injection vulnerabilities, and authentication problems. It maps findings to the OWASP MCP Top 10, helping security engineers and DevOps teams secure their deployments.

  • mcp-mcts
    pypi.org

    mcp-mcts is an open-source CLI tool for local MCP security scanning, attack chain analysis, inventory management, and CI integration. It supports optional Semgrep and LLM analysis, making it suitable for security engineers and DevOps teams focused on codebase security.

  • MCP Shark
    mcpshark.sh

    MCP Shark is a forensic analysis and security tool for Model Context Protocol (MCP) communications. It offers real-time traffic monitoring, security scanning, and detailed request inspection for developers and security professionals working with MCP servers.

  • SkillShield
    skillshield.io

    SkillShield is a web platform that analyzes AI agent skills and MCP servers for security vulnerabilities, providing a 0-100 trust score and embeddable badges. It helps developers and organizations ensure the safety of their AI integrations.

  • hexis-mcp-guard
    pypi.org

    hexis-mcp-guard is an open-source command-line tool that scans Model Context Protocol (MCP) servers for security vulnerabilities. It checks for issues such as misconfigurations and exposed secrets, helping administrators secure their MCP deployments. Designed for security engineers and server admins.

  • mcp-safeguard
    pypi.org

    Security scanner for MCP servers — detect prompt injection, credential leaks, exposed endpoints, and tool poisoning

  • MCPSafe
    mcpsafe.io

    MCPSafe is a security scanner designed specifically for Model Context Protocol (MCP) servers, offering pre-install audits to identify vulnerabilities and threats before deployment. The platform is aimed at developers who need to vet MCP servers prior to installation, as well as registry operators responsible for publishing secure catalogs. It provides both fast and deep scans, delivering a quick verdict in approximately three minutes and a more thorough consensus-based analysis in about twenty minutes. The tool combines static analysis with evaluations from five independent large language models (LLMs) to detect a wide range of issues. Its static analysis capabilities identify code-level vulnerabilities such as command injection, SQL injection, server-side request forgery (SSRF), path traversal, and hardcoded secrets. The LLM consensus approach uncovers more complex threats including tool poisoning, silent rug pulls, indirect prompt injection, and obfuscated intent that may evade traditional pattern matching. MCPSafe also performs typosquatting checks to flag lookalike package names, unverified publishers, and unpinned dependencies, helping to prevent supply chain attacks. A permission audit feature evaluates each tool’s real-world access, highlighting excessive permissions, weak authentication, and unintended network exposure. MCPSafe supports scanning a variety of sources, including GitHub repositories, npm and PyPI packages, Docker images, and MCP registry IDs. Users can specify a particular version for targeted analysis. The platform provides actionable score reports using the AIVSS (AI Vulnerability Scoring System), which extends traditional vulnerability scoring with factors relevant to agentic threats, and maps findings to CWE standards. Each scan generates a live SVG badge that can be embedded in documentation to display the current security grade. Results are kept up-to-date by fingerprinting the commit or version on every request, with rescans triggered automatically for new commits. The service is delivered as a web-based platform and is free to use, requiring no signup or credit card for public package scans. Signed-in users benefit from higher rate limits and access to scan history. MCPSafe is developed and operated from Germany.

  • mcp-strike
    pypi.org

    mcp-strike is an open-source command-line tool designed for active, runtime adversarial testing of Model Context Protocol (MCP) servers. It helps security engineers and red teams identify vulnerabilities and weaknesses by simulating attacks and scanning for issues. The tool supports automated security assessments and is freely available under the MIT license.

  • ShieldPi
    shieldpi.io

    ShieldPi is a security testing platform focused on automated red-teaming and runtime monitoring for large language model (LLM) applications, AI agents, and MCP servers. It addresses the challenge of proactively identifying vulnerabilities and attack surfaces in AI-driven systems through offensive security techniques and continuous observability. The platform is designed for organizations deploying AI agents or MCP servers who require rigorous security validation and ongoing threat monitoring. The service leverages a corpus of over 120,000 real-world attack techniques, including jailbreaks, injections, exfiltration methods, and MCP-specific vulnerabilities. ShieldPi's workflow consists of five stages: fingerprinting the target's defenses, executing adaptive attack chains, verifying findings through a three-juror panel, generating audit-ready evidence mapped to standards such as OWASP, MITRE ATLAS, NIST, and the EU AI Act, and maintaining a runtime guard for ongoing protection. Each attack is confirmed with reproducible proof, and the system provides sub-200 millisecond verdicts for runtime events. Findings are exportable in compliance-mapped reports, and the platform supports integration with security information and event management (SIEM) systems including Splunk, Datadog, Sentinel, OCSF, CEF, and Syslog. ShieldPi operates across multiple surfaces: pre-deployment scans for models, APIs, browser apps, and agents; live monitoring of agent activity including prompts, tool calls, memory writes, and responses; endpoint forensics correlating device activity with agent behavior; and SOC response features for incident triage and automated containment. The platform can be engaged via browser, Python SDK, or endpoint collectors, and it offers features such as adaptive multi-turn attack chains, exploit-depth scoring, and trajectory analysis for suspicious agent behaviors. It also maintains a public leaderboard grading the hardening of major foundation models based on real vulnerability scores updated weekly. A free scan option is available for MCP servers, allowing organizations to assess their exposure before wider adoption of the platform. , and is positioned as an offensive-first security workflow unifying attack simulation, telemetry correlation, and compliance reporting for AI systems.

  • mcpsec
    github.com

    Security scanner for MCP (Model Context Protocol) servers - pentest your AI agent's tool connections

  • mcp-vuln-scanner
    github.com

    AI-powered security vulnerability scanner for MCP (Model Context Protocol) servers with automatic fixes, secret detection, and multi-channel alerts

  • MCP Score
    timeahead.in

    MCP Score is an independent trust registry that evaluates and rates Model Context Protocol (MCP) servers. It addresses the need for transparency and trust in the MCP server ecosystem by providing nightly updated scores based on multiple criteria, including security, freshness, adoption, quality, and trust. The platform is designed for users seeking to assess the reliability and security of MCP servers, such as developers, organizations, or anyone integrating with MCP-based tools. The scoring methodology is public and versioned, allowing users to understand how each server's MCPScore (ranging from 0 to 100) is calculated. The score is determined by weighted factors: security (35%), freshness (25%), adoption (20%), quality (10%), and trust (10%). MCP Score highlights top-rated servers, most downloaded servers, new arrivals, security risks, and servers experiencing score drops. Users can search and filter through a directory of over 46,000 MCP servers, browse by category (such as Databases, Dev Tools, Web Scraping, Automation, AI & ML, Finance, Monitoring, Communication, Search, Storage, and others), and compare servers based on score, stars, downloads, and other metrics. The registry covers MCP servers distributed via npm and PyPI, as well as those hosted on GitHub, and provides detailed listings with weekly download counts and repository star numbers. Users can monitor score changes, check for regressions, and identify potential security risks. The platform emphasizes its independence by stating it does not accept vendor money, reinforcing its position as an unbiased source of trust ratings for MCP servers. MCP Score is delivered as a web-based service accessible through its website. It serves as a resource for evaluating the security and trustworthiness of MCP servers across a wide range of categories and use cases.