The reputation layer for AI skills, tools & agents

sahiloj/MCPScan

Score: 45.7 Rank #420

Offensive MCP server auditor — detects tool poisoning, credential leaks, RCE vectors, SSRF, session hijacking, and supply chain vulnerabilities across stdio, HTTP, and SSE transports.

Overview

sahiloj/MCPScan is a TypeScript MCP server licensed under MIT.

Ranked #420 out of 25632 indexed tools.

In the top 2% of all indexed tools.

Actively maintained with commits in the last week.

Ecosystem

TypeScript MIT

Signal Breakdown

Stars 12
Freshness 4d ago
Issue Health 50%
Contributors 0
Dependents 0
Forks 2
Description Detailed
License MIT

How to Improve

Contributors medium impact

Single-contributor projects carry bus-factor risk — welcoming contributors boosts confidence

Dependents medium impact

No downstream dependents detected yet — adoption by other projects is the strongest trust signal

Badge

AgentRank score for sahiloj/MCPScan
[![AgentRank](https://agentrank-ai.com/api/badge/tool/sahiloj--MCPScan)](https://agentrank-ai.com/tool/sahiloj--MCPScan)
<a href="https://agentrank-ai.com/tool/sahiloj--MCPScan"><img src="https://agentrank-ai.com/api/badge/tool/sahiloj--MCPScan" alt="AgentRank"></a>

Matched Queries

"mcp server", "mcp-server"