MCP Security Tools Detection

Security analysis system for Model Context Protocol servers

Overview

A comprehensive security analysis system that combines static analysis detection with web-based visualization for identifying security risks in Model Context Protocol (MCP) servers.

🔍 Detection Module

Static analysis framework for identifying security risks in MCP servers.

9 capability types detection
MCPTox validated (493 samples)
TOML-based configurable rules
Risk scoring (0-100 scale)

🌐 Web Portal

Dashboard for visualizing and managing detection results.

Auto-imports detection results
Color-coded dashboard
REST API for automation
Real-time statistics

Detection Capabilities

The system detects 9 types of security capabilities:

Command Execution (96% detection)
File Read/Write Operations
Network Operations
Environment Access
Prompt Injection (90% detection)
Parameter Override
Tool Sequence Hijacking
Credential Leakage
Data Tampering

Documentation

GitHub Repository Detection Module Docs Web Portal Docs Demo Video