How Scanning Works
MCPSafe uses static analysis to find security vulnerabilities in MCP server code without executing it. Here's how the scanner works under the hood.
AST-Based Analysis
Uses Tree-sitter to parse code into Abstract Syntax Trees, enabling precise pattern matching without executing code.
Multi-Language Support
Analyzes JavaScript, TypeScript, and Python codebases with language-specific security rules.
50+ Security Rules
Comprehensive rule set covering OWASP Top 10, command injection, path traversal, SSRF, and more.
Fast Scanning
Most scans complete in under 60 seconds, even for large codebases with thousands of files.
Scanning Process
Source Retrieval
The scanner fetches source code from GitHub, npm, or PyPI based on the provided URL.
Code Parsing
Tree-sitter parses the code into an AST for each supported language in the project.
Pattern Matching
Security rules are applied to the AST to detect vulnerable patterns and practices.
Severity Classification
Each finding is assigned a severity based on CVSS scoring and potential impact.
Report Generation
Results are compiled into a detailed report with locations, descriptions, and remediation advice.
Rule Categories
Our security rules are organized into categories based on vulnerability type.
Command Injection
Detects shell command execution with user input
Code Injection
Finds eval(), Function(), and dynamic code execution
Path Traversal
Identifies file system access vulnerabilities
Network Security
SSRF, insecure URLs, and network-related issues
Hardcoded Secrets
API keys, passwords, and credentials in code
SQL Injection
Unsafe database query construction
Authentication
Weak auth patterns and missing checks
Information Disclosure
Sensitive data exposure in logs/errors
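To make the Scanning Process concrete, here is an added example (not MCPSafe's own code) of the "Pattern Matching" and "Severity Classification" steps for the Command Injection and Code Injection categories above. It uses Python's standard-library ast parser in place of Tree-sitter, and the SAMPLE source, rule names and severities are constructed for the illustration.

```python
import ast
from dataclasses import dataclass

# Constructed sample of a deliberately flawed Python tool handler, used only as
# scanner input here (not code from the MCPSafe project or any real MCP server).
SAMPLE = '''
import os, subprocess

def run_tool(args):
    os.system("uptime")                        # constant command: not flagged
    os.system("ls " + args["path"])            # command built from caller data
    subprocess.run(args["cmd"], shell=True)    # shell=True with caller data
    subprocess.run(["ls", "-l"])               # argv list, no shell: not flagged
    return eval(args["expr"])                  # dynamic code execution
'''

@dataclass
class Finding:
    rule: str
    severity: str
    line: int

def _callee(node: ast.Call) -> str:
    """Render the called name as dotted text, e.g. 'subprocess.run'."""
    parts, f = [], node.func
    while isinstance(f, ast.Attribute):
        parts.append(f.attr)
        f = f.value
    if isinstance(f, ast.Name):
        parts.append(f.id)
    return ".".join(reversed(parts))

def scan(source: str) -> list[Finding]:
    """Walk the AST once and apply two rules: command injection, code injection."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _callee(node)
        shell = any(k.arg == "shell" and isinstance(k.value, ast.Constant)
                    and k.value.value is True for k in node.keywords)
        # The command is "dynamic" when its first argument is not a string literal.
        dynamic = bool(node.args) and not isinstance(node.args[0], ast.Constant)
        if dynamic and (name == "os.system" or (name.startswith("subprocess.") and shell)):
            findings.append(Finding("command-injection", "high", node.lineno))
        elif name in ("eval", "exec"):
            findings.append(Finding("code-injection", "high", node.lineno))
    return sorted(findings, key=lambda f: f.line)
```

Each Finding carries the rule, a severity and the source line, which is the minimum a report needs to point a developer at the offending call; a production rule set would additionally track where the argument's data originates rather than treating every non-literal argument as attacker-controlled.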
Supported Languages
Support for additional languages (Go, Rust, Java) is planned for future releases.