Think of this as a linter that runs on your agent's tool surface. It connects to MCP servers over stdio, pulls every tool definition, and runs 16 static rules looking for prompt injection in tool descriptions, over-broad permissions, scope mismatches (a tool whose declared purpose does not match the access it asks for), arbitrary code execution patterns, and supply-chain CVEs in the server's dependencies. You get letter grades A through F and a risk report you can act on. It ships as both an MCP server your agent can call to audit its own config and a CLI you can run in CI. The team scanned 207 servers and found 70% had at least one issue, with only 10% earning a clean A grade. Useful if you're wiring up third-party MCP servers and want a second opinion before you hand over filesystem or exec access.
claude mcp add --transport stdio agentsafe-ai-tooltrust-scanner uvx tooltrust-scanner