apisec-inc/mcp-audit
See what your AI agents can access. Scan MCP configs for exposed secrets, shadow APIs, and AI models. Generate AI-BOMs for compliance.
Performs static analysis of MCP configuration files across development tools (Claude Desktop, Cursor, VS Code, Windsurf, Zed) and GitHub repositories, using pattern matching to detect 25+ secret types and mapping findings to OWASP LLM Top 10 (2025). Exports results in multiple formats (JSON, CycloneDX AI-BOM, SARIF, CSV) for CI/CD integration and compliance workflows, with a browser-based GitHub scanner and local CLI tool that scans MCP configs without telemetry or network transmission.
Stars: 143
Forks: 35
Language: Python
License: MIT
Last pushed: Feb 27, 2026
Commits (30d): 0
Related servers
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...
panther-labs/mcp-panther
Write detections, investigate alerts, and query logs from your favorite AI agents
duriantaco/skylos
High-precision Python SAST & Dead Code Remover. Finds unused functions, secrets, and security...
msaad00/agent-bom
Security scanner for AI infrastructure — CVEs, blast radius, credential exposure, runtime...
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.