mcp-scanner  by cisco-ai-defense

AI security scanner for MCP servers

Created 5 months ago
814 stars

Top 43.4% on SourcePulse

Project Summary

Summary

The MCP Scanner is a Python-based security tool designed to identify vulnerabilities and malicious content within Model Context Protocol (MCP) servers and associated tools. It targets developers and security professionals working with MCP environments, offering a comprehensive solution to detect threats by integrating multiple advanced scanning engines.

How It Works

This tool employs a multi-engine approach, combining the Cisco AI Defense inspect API, custom YARA rules, and a Large Language Model (LLM) acting as a judge. This allows for flexible security analysis, enabling users to leverage all three engines simultaneously or select specific ones based on their needs. The architecture supports both a standalone Command Line Interface (CLI) and a REST API server for seamless integration into existing workflows.

Quick Start & Requirements

  • Installation: Install via pip using uv pip install cisco-ai-mcp-scanner, or from source by cloning the repository and running uv pip install . (the trailing dot is the path to the cloned checkout).
  • Prerequisites: Python 3.11+ and the uv package manager.
  • Dependencies: A Cisco AI Defense API key and an LLM provider API key (e.g., OpenAI, AWS Bedrock) are each optional, but full functionality requires both. Configuration is supplied through environment variables.
  • Documentation: API documentation is available at http://localhost:8000/docs when the API server is running, and further details can be found in docs/api-reference.md.

Highlighted Details

  • Multi-Engine Analysis: Integrates Cisco AI Defense API, YARA rules, and LLM-as-a-judge for robust threat detection.
  • Flexible Deployment: Operates as a stand-alone CLI tool or a REST API server.
  • Comprehensive Scanning: Capable of scanning MCP tools, prompts, and resources.
  • Customization: Supports custom YARA rules and fine-grained authentication, including OAuth.
  • Extensive Configuration: Allows configuration for various LLM providers (OpenAI, AWS Bedrock) and custom endpoints.

Maintenance & Community

The provided README does not contain specific details regarding notable contributors, community channels (like Discord or Slack), or a public roadmap.

Licensing & Compatibility

  • License: Distributed under the Apache 2.0 License.
  • Compatibility: The Apache 2.0 license is permissive and generally compatible with commercial use and closed-source projects.

Limitations & Caveats

The tool's full potential is realized when configured with API keys for both Cisco AI Defense and a chosen LLM provider, which may introduce setup complexity. The README does not specify any alpha/beta status or known bugs.

Health Check

  • Last Commit: 22 hours ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 14
  • Issues (30d): 4
  • Star History: 66 stars in the last 30 days
