mcp-panther and mcp-audit
These are complementary tools: Panther provides detection and investigation capabilities for security incidents, while mcp-audit performs pre-incident reconnaissance by scanning MCP configurations for vulnerabilities and exposed resources that Panther would then monitor.
About mcp-panther
panther-labs/mcp-panther
Write detections, investigate alerts, and query logs from your favorite AI agents
Implements the Model Context Protocol (MCP) to expose Panther's detection, alerting, and data lake capabilities as AI agent tools—enabling natural language SQL queries against security logs, AI-powered alert triage with intelligent recommendations, and detection authoring directly from IDE-integrated agents. Provides 50+ specialized tools covering alert management (bulk operations, comments, status updates), data lake schema exploration and querying, detection lifecycle management across rules/policies, and operational metrics and access controls.
About mcp-audit
apisec-inc/mcp-audit
See what your AI agents can access. Scan MCP configs for exposed secrets, shadow APIs, and AI models. Generate AI-BOMs for compliance.
Performs static analysis of MCP configuration files across development tools (Claude Desktop, Cursor, VS Code, Windsurf, Zed) and GitHub repositories, using pattern matching to detect 25+ secret types and mapping findings to OWASP LLM Top 10 (2025). Exports results in multiple formats (JSON, CycloneDX AI-BOM, SARIF, CSV) for CI/CD integration and compliance workflows, with a browser-based GitHub scanner and local CLI tool that scans MCP configs without telemetry or network transmission.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work