MCP Security Scanner

Example Use Cases

• 1

  Detect hardcoded secrets and API keys in MCP config files.

• 2

  Enforce security best practices in MCP configurations.

• 3

  Integrate secret scanning into CI/CD pipelines.

Description

MCP Security Scanner helps users identify and remediate security risks in their MCP config files by detecting over 30 secret patterns including API keys, tokens, and connection strings. It enforces best practices such as environment variable references and no secrets in command arguments. The tool supports JSON output for CI/CD integration and offers fix suggestions using the Janee secrets manager, improving security and compliance for MCP configurations.