MCP Guard

Professional Security Scanner for Model Context Protocol Servers

The first open-source security scanner specifically designed for MCP servers

Quick Start • Features • Documentation • Examples • Contributing

Overview

MCP Guard is a comprehensive security assessment tool that identifies vulnerabilities in Model Context Protocol (MCP) servers through static analysis, dynamic testing, and intelligent fuzzing. Built for security professionals and developers working with AI systems.

Why MCP Guard?

First-of-its-kind: Purpose-built for MCP server security assessment
Universal Support: Works with Python, Node.js, Go, and Docker-based MCP servers
Professional Scoring: Implements both CVSS v4.0 and AIVSS (AI Vulnerability Scoring System)
Production Ready: Enterprise-grade features with comprehensive reporting

Quick Start

# Clone and setup
git clone https://github.com/SaravanaGuhan/mcp-guard.git
cd mcp-guard
pip install -r requirements.txt

# Scan an MCP server
python mcp_scanner.py https://github.com/openbnb-org/mcp-server-airbnb

That's it! MCP Guard will automatically detect the server type, perform comprehensive security analysis, and provide detailed vulnerability reports.

Features

🔍 Comprehensive Analysis

Static Analysis: Pattern-based vulnerability detection
Dynamic Testing: Live server security assessment
Dependency Scanning: Known CVE identification
Protocol Validation: MCP-specific security checks

🎯 Universal Server Support

Python: Django, Flask, FastAPI MCP servers
Node.js/TypeScript: Express, Koa MCP implementations
Go: Native Go MCP servers
Docker: Containerized MCP deployments

📊 Professional Scoring

CVSS v4.0: Industry-standard vulnerability scoring
AIVSS: AI-specific vulnerability assessment
Risk Analysis: Business impact evaluation
Remediation Prioritization: Intelligent vulnerability ranking

🚀 Enterprise Ready

CI/CD Integration: GitHub Actions, Jenkins support
Multiple Formats: JSON, SARIF, JUnit XML reports
Security Gates: Automated pass/fail criteria
Batch Processing: Multi-repository analysis

Vulnerability Detection

MCP Guard identifies security issues across multiple categories:

Category	Examples	Severity Range
MCP Protocol	Command injection, path traversal, auth bypass	Critical - Medium
Input Validation	Parameter tampering, injection attacks	High - Medium
Configuration	Insecure defaults, exposed secrets	Medium - Low
Dependencies	Known CVEs, outdated packages	Critical - Info
Code Quality	Hardcoded credentials, unsafe functions	High - Low

Sample Output

================================================================================
MCP GUARD SECURITY ASSESSMENT REPORT
================================================================================
Target: https://github.com/openbnb-org/mcp-server-airbnb
Server Type: Node.js MCP Server
Scan Duration: 45.2 seconds

VULNERABILITY SUMMARY
├── Total Issues: 5
├── Critical: 1    High: 2    Medium: 1    Low: 1
├── CVSS v4.0 Average: 6.8
└── Overall Risk: HIGH

CRITICAL SEVERITY FINDINGS
┌─────────────────────────────────────────────────────────────────────────────
│ [CVE-2024-XXXX] Command Injection in Tool Handler
│ CVSS Score: 9.1 (CRITICAL)  |  AIVSS Score: 8.7 (AI_HIGH)
│ File: src/tools/system.js:45
│ 
│ Description: Unsanitized user input passed to child_process.exec()
│ Impact: Remote code execution on server
│ Remediation: Implement input validation and use parameterized commands
└─────────────────────────────────────────────────────────────────────────────

RECOMMENDATIONS
• Implement comprehensive input validation for all MCP tool parameters
• Update 3 vulnerable dependencies (express, lodash, axios)
• Enable security headers and HTTPS enforcement
• Add rate limiting to prevent abuse

Scan completed successfully ✓

Installation

Prerequisites

Python 3.8 or higher
Internet connection for repository downloads
Git (optional, for development)

Standard Installation

git clone https://github.com/SaravanaGuhan/mcp-guard.git
cd mcp-guard
pip install -r requirements.txt

Development Installation

git clone https://github.com/SaravanaGuhan/mcp-guard.git
cd mcp-guard
pip install -e .
pip install -r requirements-dev.txt

Docker Installation

docker build -t mcp-guard .
docker run -v $(pwd):/workspace mcp-guard https://github.com/target/mcp-server

Usage Examples

Basic Scanning

# Scan a GitHub repository
python mcp_scanner.py https://github.com/cloudflare/mcp-server-cloudflare

# Static analysis only
python mcp_scanner.py --scan-type static https://github.com/target/repo

# Dynamic analysis only  
python mcp_scanner.py --scan-type dynamic https://github.com/target/repo

# Output to JSON
python mcp_scanner.py --output report.json https://github.com/target/repo

Advanced Usage

from mcp_scanner import UniversalMCPScanner

scanner = UniversalMCPScanner()
results = scanner.scan_mcp_server(
    repo_url="https://github.com/target/mcp-server",
    scan_type="both"
)

print(f"Found {len(results['vulnerabilities'])} vulnerabilities")
print(f"Overall risk: {results['summary']['risk_assessment']['overall_risk']}")

Supported MCP Servers

MCP Guard has been tested with popular MCP server implementations:

Server	Language	Status	Vulnerabilities Found
Airbnb MCP Server	Node.js	✅ Tested	5 issues identified
Cloudflare MCP Server	Node.js	✅ Tested	3 issues identified
GitHub MCP Server	Go	✅ Tested	2 issues identified
PostgreSQL MCP Server	Python	✅ Tested	4 issues identified
Docker MCP Server	Go	✅ Tested	1 issue identified

Architecture

graph TB
    A[Repository URL] --> B[Repository Handler]
    B --> C[Server Type Detection]
    C --> D[Static Analysis Engine]
    C --> E[Dynamic Analysis Engine]
    D --> F[Vulnerability Scoring]
    E --> F
    F --> G[CVSS v4.0 Scoring]
    F --> H[AIVSS Scoring]
    G --> I[Report Generation]
    H --> I
    I --> J[JSON/Console Output]

Core Components

Repository Handler: Downloads and analyzes repository structure
Static Analysis Engine: Pattern-based vulnerability detection
Dynamic Analysis Engine: Live server testing and fuzzing
Vulnerability Scoring: CVSS v4.0 and AIVSS implementation
Report Generator: Professional vulnerability reporting

Documentation

Document	Description
Complete Setup Guide	Comprehensive installation and configuration
Quick Start Guide	Get started in 3 minutes
Contributing Guide	How to contribute to the project
Project Summary	Detailed project overview

Contributing

We welcome contributions from the security and AI communities!

Ways to Contribute

Report Bugs: Found an issue? Open a bug report
Feature Requests: Have an idea? Request a feature
Code Contributions: Submit pull requests for improvements
Documentation: Help improve our documentation
Testing: Test with new MCP servers and report results

Development Setup

git clone https://github.com/SaravanaGuhan/mcp-guard.git
cd mcp-guard
pip install -e ".[dev]"
pytest tests/

Security

MCP Guard is designed with security in mind:

Safe Repository Handling: Secure download and cleanup processes
Sandboxed Execution: Isolated dynamic analysis environment
Input Validation: Protection against malicious repository content
Resource Limits: CPU, memory, and time constraints
Network Security: HTTPS-only downloads with timeout protection

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

MCP Community: For developing the Model Context Protocol
Security Researchers: For vulnerability research and best practices
Open Source Contributors: For making this project possible
CVSS Working Group: For the CVSS v4.0 specification

Built with ❤️ for the MCP and Security Communities

⭐ Star this repo • 🐛 Report Issues • 💬 Discussions

mcp-guard