mcp-audit and mcp-checkpoint
These two tools are complements, with MCP Checkpoint actively monitoring and securing Model Context Protocol operations and MCP Audit providing a post-configuration scan to identify exposed secrets, shadow APIs, and generate AI-BOMs for compliance based on those operations.
About mcp-audit
apisec-inc/mcp-audit
See what your AI agents can access. Scan MCP configs for exposed secrets, shadow APIs, and AI models. Generate AI-BOMs for compliance.
This tool helps security and compliance teams understand what information their AI agents can access before deployment. It scans configuration files from AI development tools to identify exposed secrets, API endpoints, and AI models. The output is a clear report, including AI-BOMs, that pinpoints potential security risks, enabling teams to remediate issues and ensure compliance.
About mcp-checkpoint
aira-security/mcp-checkpoint
MCP Checkpoint continuously secures and monitors Model Context Protocol operations through static and dynamic scans, revealing hidden risks in agent-to-tool communications.
This tool helps AI security engineers and developers automatically find and analyze Model Context Protocol (MCP) servers used by their AI agents. It takes your agent configuration files and local MCP server data as input. It then identifies potential security vulnerabilities and generates detailed reports, letting you proactively secure your AI agent's interactions with external tools and resources.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work