MCP Shield

STDIOregistry active

Summary

A static analysis tool that scans MCP server code for security vulnerabilities before they hit production. Exposes three tools: shield_scan_file, shield_scan_directory, and shield_scan_code. It runs 20 rules across SSRF detection, path traversal checks, injection patterns (eval/exec, SQL, subprocess), hardcoded secrets, and missing auth. Each finding maps to a CWE ID and includes a specific fix. You get an A to F grade based on severity distribution. Pure Python with zero dependencies, so you can clone and run it immediately. Useful during code review or before deploying a new MCP server, especially given that 36.7% of servers are apparently SSRF-vulnerable according to their research.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

MCP Shield

Open-source security scanner for MCP servers. 20 rules across 6 categories. Scan any server in seconds. Get a grade from A to F.

36.7% of MCP servers are SSRF-vulnerable (BlueRock, 2026). 82% have path traversal flaws. Only 17% are production-ready. MCP Shield finds the vulnerabilities before attackers do.

Quick Start

git clone https://github.com/sophiacave/mcp-shield
cd mcp-shield

# Scan a file
python3 src/cli.py scan path/to/mcp_server.py

# Scan a project
python3 src/cli.py scan path/to/mcp-project/

What It Checks (20 Rules)

Rule	Severity	What It Detects
SSRF-01	Critical	User input in HTTP request URLs
SSRF-02	Medium	Dynamic URLs without validation
SSRF-03	Medium	DNS rebinding (URL validated but no IP pinning)
PATH-01	High	User input in file paths
PATH-02	Medium	No path traversal protection
PATH-03	Medium	Symlink following without check
INJ-01	Critical	eval/exec on user input
INJ-02	Critical	SQL string interpolation
INJ-03	High	subprocess with shell=True
INJ-04	High	Template injection via .format()
INJ-05	Critical	Unsafe deserialization (pickle/yaml)
AUTH-01	Medium	No auth on tool handlers
AUTH-02	Critical	Hardcoded secrets/API keys (OpenAI, Stripe, GitHub, AWS)
AUTH-03	Low	No rate limiting on tool endpoints
SEC-01	High	SSL verification disabled
SEC-02	Medium	Wildcard CORS
SEC-03	Medium	Stack traces/error details exposed to client
SEC-04	Low	No input length validation (DoS risk)
LOG-01	Low	No logging/audit trail on tool invocations

Testing

python3 tests/test_integration.py
# 28 tests, 0 failures

MCP Server Integration

Add to ~/.claude/mcp.json:

{
  "mcpServers": {
    "mcp-shield": {
      "command": "python3",
      "args": ["/path/to/mcp-shield/src/mcp_server.py"]
    }
  }
}

Claude Code tools: shield_scan_file, shield_scan_directory, shield_scan_code

Example Output

MCP Shield: my-server/ — 3 finding(s)

  [CRIT] SSRF-01: Potential SSRF: Dynamic URL from user input
    requests call with dynamic URL that may include user input
    Location: server.py:45
    Fix: Validate URL against allowlist. Block internal IPs.
    CWE: CWE-918

  [HIGH] INJ-03: Command injection: subprocess with shell=True
    subprocess called with shell=True. User input in args = RCE.
    Location: tools.py:112
    Fix: Use subprocess with shell=False and pass args as list.
    CWE: CWE-78

  [MED] AUTH-01: No authentication detected on tool handlers
    MCP tool handlers found but no auth logic detected
    Fix: Add authentication middleware.
    CWE: CWE-306

Grade: F | 1 critical, 1 high, 1 medium

Features

Zero dependencies — Pure Python, no pip installs required
20 security rules across SSRF, path traversal, injection, auth, config, and logging
CWE references — Every finding maps to a Common Weakness Enumeration ID
Actionable fixes — Each finding includes specific remediation steps
A-F grading — Instant security posture assessment
Dual mode — Run as CLI or as an MCP server inside Claude Code
Fast — Scans a typical MCP server in under 1 second

Why This Exists

The MCP ecosystem has 9,400+ servers and 97M monthly SDK downloads. Security tooling hasn't kept up. We built MCP Shield because every MCP server deployed without a security scan is a liability.

Built by Like One, a 501(c)(3) nonprofit. Security tooling should be free.

License

MIT — Like One

MCP Shield

MCP Shield

MCP Shield

Quick Start

What It Checks (20 Rules)

Testing

MCP Server Integration

Example Output

Features

Why This Exists

License

Related Security & Pentesting MCP Servers

MCP Shield

Quick Start

What It Checks (20 Rules)

Testing

MCP Server Integration

Example Output

Features

Why This Exists

License

Related Security & Pentesting MCP Servers