Awesome MCP Security

v1.0.0โ€ขSecurityโ€ขstable

Security scores for 800+ MCP servers. 9 analyzers scan for prompt injection, toxic flows, and attack surface risks. Updated daily. ๐Ÿ›ก๏ธ

awesome-listbugbountybugbountytipscybersexploit
Share:
694
Stars
0
Downloads
0
Weekly
0/5

What is Awesome MCP Security?

Awesome MCP Security is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to security scores for 800+ mcp servers. 9 analyzers scan for prompt injection, toxic flows, and attack surface risks. updated daily. ๐Ÿ›ก๏ธ

Security scores for 800+ MCP servers. 9 analyzers scan for prompt injection, toxic flows, and attack surface risks. Updated daily. ๐Ÿ›ก๏ธ

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Security scores for 800+ MCP servers. 9 analyzers scan for p

Use Cases

Security scoring for 800+ MCP servers
Prompt injection detection
Daily threat analysis updates
Puliczek

Maintainer

LicenseNOASSERTION
Languagetypescript
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx awesome-mcp-security

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Awesome MCP Security

Awesome MCP Security is a curated, continuously updated security resource that tracks and scores 800+ MCP servers across 9 security dimensions including prompt injection risk, toxic tool flows, and overall attack surface. Updated daily, it serves as a reference for developers and security teams who want to audit MCP servers before deployment, understand common attack vectors in the MCP ecosystem, and discover security-focused MCP tools such as Nuclei, Semgrep, VirusTotal, Shodan, and BloodHound integrations. It is both a directory of security tooling and an active scanner database that helps practitioners make informed decisions about which MCP servers to trust.

Prerequisites

  • Node.js 18 or later and npx for running the MCP server component
  • An MCP-compatible client such as Claude Desktop or Cursor
  • Basic familiarity with MCP server security concepts (prompt injection, tool poisoning)
  • Internet access for daily-updated scoring data
1

Review the security database online

Before installing, browse the live security scores at the Awesome MCP Security repository to understand the risk profiles of servers you are already using.

2

Add the MCP server to your client config

Add awesome-mcp-security to your claude_desktop_config.json to expose its security scoring and lookup tools to Claude.

{
  "mcpServers": {
    "awesome-mcp-security": {
      "command": "npx",
      "args": ["awesome-mcp-security"]
    }
  }
}
3

Restart your MCP client

Restart Claude Desktop (or your MCP client) to load the new server. Once connected, you can query security scores, look up servers by risk category, and get recommendations.

4

Audit an MCP server before adding it

Use the server's tools to check the security score of any MCP server you are considering. Ask Claude to retrieve the score and risk report for a specific server slug or package name.

5

Integrate security-focused MCP servers from the directory

The resource lists production-ready security MCP servers (Nuclei, VirusTotal, Semgrep, Shodan, BloodHound). Use this as a reference to add targeted security tooling to your Claude environment.

Awesome MCP Security Examples

Client configuration

claude_desktop_config.json entry for the Awesome MCP Security server.

{
  "mcpServers": {
    "awesome-mcp-security": {
      "command": "npx",
      "args": ["awesome-mcp-security"]
    }
  }
}

Prompts to try

Example prompts that leverage the security scoring and risk analysis capabilities of this server.

- "What is the security score for the filesystem MCP server and what are its main risks?"
- "List MCP servers with high prompt injection risk scores so I can avoid them."
- "Which MCP servers in the database have been flagged for toxic tool flows?"
- "Show me all security-focused MCP servers available for vulnerability scanning."
- "What are the top 5 safest MCP servers for production use based on the security database?"

Troubleshooting Awesome MCP Security

Security scores seem outdated

The database is updated daily. If scores look stale, check the repository's last commit date. For the most current data, visit https://github.com/Puliczek/awesome-mcp-security directly.

Tools not appearing after adding to config

Ensure Node.js 18+ and npx are installed. Run 'npx awesome-mcp-security' in a terminal to test directly. If it fails with a package not found error, the package may be published under a different name โ€” check the repository for the correct npx invocation.

Unsure how to interpret the 9 security analyzer scores

Refer to the repository README for definitions of each analyzer category (prompt injection, toxic flows, attack surface, etc.). Focus on prompt injection and toxic flow scores as the highest-impact risks for typical deployments.

Frequently Asked Questions about Awesome MCP Security

What is Awesome MCP Security?

Awesome MCP Security is a Model Context Protocol (MCP) server that security scores for 800+ mcp servers. 9 analyzers scan for prompt injection, toxic flows, and attack surface risks. updated daily. ๐Ÿ›ก๏ธ It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Awesome MCP Security?

Follow the installation instructions on the Awesome MCP Security GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Awesome MCP Security?

Awesome MCP Security works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Awesome MCP Security free to use?

Yes, Awesome MCP Security is open source and available under the NOASSERTION license. You can use it freely in both personal and commercial projects.

Awesome MCP Security Alternatives โ€” Similar Security Servers

Looking for alternatives to Awesome MCP Security? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

โ˜… 13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

โ˜… 9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

โ˜… 8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

โ˜… 8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

โ˜… 6.6k

754 structured cybersecurity skills for AI agents ยท Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF ยท agentskills.io standard ยท Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

โ˜… 5.1k

๐Ÿ”ฅ๐Ÿ”ฅ hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "awesome-mcp-security": { "command": "npx", "args": ["-y", "awesome-mcp-security"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide โ†’

Ready to use Awesome MCP Security?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides