Trusted by developers worldwide

Secure Your MCP Servers

MCPSafe is the security scanner and quality registry for Model Context Protocol servers. Scan for vulnerabilities, verify trust, and discover safe MCP tools for your AI applications.

Popular:

Trusted by the MCP Community

Real-time security intelligence for Model Context Protocol servers

0+
Verified Servers
0+
Security Scans
0+
CVEs Detected
0+
Security Rules
Verified Secure

Featured Secure Servers

Top-rated MCP servers with verified security scores. Trusted by developers worldwide.

Security Alerts

Recent Vulnerabilities

Stay informed about the latest security issues discovered in MCP servers.

Why MCPSafe?

Comprehensive security analysis for MCP servers to keep your AI applications safe.

Security Scanning

Deep analysis of MCP server code for vulnerabilities, unsafe patterns, and potential security risks.

Code Analysis

AST-based parsing to detect command injection, credential exposure, and dangerous API usage.

Trust Registry

Browse and discover verified MCP servers with security scores and community reviews.

Built for AI Agents

Connect Your Agent in Seconds

One endpoint. Full security intelligence. Built for Claude, GPT, and any AI agent.

Quick Start — Get Service Info

No auth required. Your agent can discover all capabilities instantly.

GEThttps://api.mcpsafe.org/api/agent/info

Response:

{
  "service": "MCPSafe",
  "capabilities": ["scan_url", "get_report", "get_badge"],
  "endpoints": {
    "scan": "POST /api/v1/scans/url",
    "badge": "GET /api/badge/{slug}.svg"
  },
  "free_tier": { "scans_per_month": 1 }
}

Instant Scans

Submit any GitHub URL, get security results in seconds

Security Badges

Embed trust badges for any scanned server

Full Registry

Query verified MCP servers with security and quality scores

Free: 1 scan/month • Pro ($7/mo): 10 scans • Team ($29/mo): Unlimited

Powerful Features

Everything You Need for MCP Security

From deep code analysis to continuous monitoring, MCPSafe provides a complete security toolkit for the Model Context Protocol ecosystem.

AST-Based Analysis

Tree-sitter powered parsing for JavaScript, TypeScript, and Python. Analyze code structure without executing it.

50+ Security Rules

Comprehensive rule set covering OWASP Top 10, command injection, path traversal, SSRF, and more.

Real-Time Scanning

Scan any MCP server in seconds. Submit a GitHub URL, npm package, or upload source code directly.

Vulnerability Details

Get detailed reports with code snippets, line numbers, CWE IDs, CVSS scores, and remediation guidance.

CI/CD Integration

GitHub Actions and CLI tools to automate security checks in your development workflow.

Security Alerts

Get notified when new vulnerabilities are discovered in servers you're watching.

API Access

Full REST API with OpenAPI documentation. Build custom integrations and workflows.

Quality Metrics

Beyond security: documentation quality, test coverage, maintenance activity, and compatibility scores.

Registry Discovery

Browse the verified MCP registry, backed by 450 scanned sources and strict cleanup of non-server packages.

100% Free

100% Free — No Limits

Every feature is free for everyone. Unlimited scans, full registry access, API access, webhooks, and more — no credit card required.

  • Full registry access — all servers
  • Unlimited security scans
  • Detailed vulnerability reports
  • Full API access
  • Unlimited watchlist
  • Webhook notifications
  • CI/CD integration
  • Email alerts

Ready to secure your MCP servers?

Everything is free — create an account and start scanning in seconds.