Mcpshield

STDIOregistry active

Summary

A security scanner that analyzes MCP servers and GitHub repositories for vulnerabilities using 59+ detection rules based on the OWASP MCP Top 10. You point it at an HTTP MCP endpoint or a repo URL, and it scans for tool poisoning, injection attacks, and other security issues. It returns findings with severity levels and exits with code 2 if it detects critical problems, making it straightforward to gate deployments in CI/CD pipelines. Requires a free API key from mcpshield.co. Reach for this when you're vetting third-party MCP servers before connecting them to Claude, or when you want automated security checks on your own servers before deployment.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

MCPShield CLI

Scan MCP servers and GitHub repositories for security vulnerabilities.

Install

npm install -g mcpshield

Setup

Get a free API key at mcpshield.co/settings, then:

mcpshield auth mcp_sk_your_key_here

Usage

# Scan an HTTP MCP server
mcpshield scan --url https://mcp-server.example.com/mcp

# Scan a GitHub repository
mcpshield scan --github https://github.com/user/repo

# JSON output (for CI/CD)
mcpshield scan --url https://mcp-server.example.com/mcp --json

# Filter by severity
mcpshield scan --url https://mcp-server.example.com/mcp --severity high

Exit Codes

0 — Scan completed, no critical findings
1 — Error (invalid key, rate limit, scan failure)
2 — Scan completed with critical findings

Environment Variables

MCPSHIELD_API_KEY — API key (alternative to mcpshield auth)
MCPSHIELD_API_URL — Custom API endpoint (for self-hosted)

License

MIT

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Mcpshield

MCPShield CLI

Install

Setup

Usage

Exit Codes

Environment Variables

License

Mcpshield

MCPShield CLI

Install

Setup

Usage

Exit Codes

Environment Variables

License

Related Security & Pentesting MCP Servers

Related Security & Pentesting MCP Servers