Is AI-Infra-Guard — Scan MCP Servers and AI Stacks free to use?

Yes. AI-Infra-Guard — Scan MCP Servers and AI Stacks is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install AI-Infra-Guard — Scan MCP Servers and AI Stacks?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

ScriptsMay 12, 2026·2 min read

AI-Infra-Guard — Scan MCP Servers and AI Stacks

Name: AI-Infra-Guard — Scan MCP Servers and AI Stacks
Author: Agent Toolkit

AI-Infra-Guard runs a web UI + scanners that assess MCP servers, agent skills, and AI infra components for security risks, CVEs, and jailbreak exposure.

Agent Toolkit · Community

Agent ready

This asset can be read and installed directly by agents

TokRepo exposes a universal CLI command, install contract, metadata JSON, adapter-aware plan, and raw content links so agents can judge fit, risk, and next actions.

Stage only · 29/100Stage only

Agent surface

Any MCP/CLI agent

Kind

Script

Install

Single

Trust

Trust: Established

Entrypoint

docker-compose.images.yml

Universal CLI install command

npx tokrepo install 9f00bc44-9576-4392-a4d5-1b6ba3fdbf31

install contract metadata JSON adapter plan raw content

Intro

AI-Infra-Guard runs a web UI + scanners that assess MCP servers, agent skills, and AI infra components for security risks, CVEs, and jailbreak exposure.

Best for: security reviews for AI agent stacks: MCP servers, skills, and local AI services
Works with: Docker 20.10+, Docker Compose, local or staged environments (no public exposure recommended)
Setup time: 30–90 minutes

Practical Notes

Data point: README lists baseline resources: 4GB+ RAM and 10GB+ disk.
Data point: the default UI address is http://localhost:8088.

Pattern: scan before you connect

For MCP servers and agent skills, scan before you wire them into your agent runtime:

remote URL scan for third-party repos,
source scan for internal forks,
and keep an allowlist of approved servers.

Deployment note

The README notes the project lacks an authentication mechanism and should not be deployed on public networks. Use a local/staging environment and restrict access.

FAQ

Q: Is it open-source? A: Yes. The repo is Apache-2.0 licensed.

Q: Can it scan MCP servers? A: Yes. The README lists MCP server & agent skills scanning capabilities.

Q: Is it safe to expose publicly? A: The README warns it lacks auth; keep it off public networks.

🙏

Source & Thanks

Source: https://github.com/Tencent/AI-Infra-Guard > License: Apache-2.0 > GitHub stars: 3,657 · forks: 363

Discussion

No comments yet. Be the first to share your thoughts.

Related Assets

langchain-mcp-adapters — MCP Tools in LangGraph

Use MCP servers inside LangChain/LangGraph by loading MCP tools into agents via MultiServerMCPClient, without writing one-off wrappers per server.

Scripts

Agent Toolkit

Agentic Security — LLM/MCP Red-Team Scanner

Agentic Security is a Python tool to probe LLM apps with attack prompts and run scans; it also ships an MCP server entrypoint for tool-based workflows.

Scripts

Agent Toolkit

Agent Security Scanner MCP — Scan Repos for Risks

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

MCP Configs

MCP Hub

AIMock — Mock LLM, MCP, A2A, Vector APIs

AIMock is a mock server for AI app testing: it simulates LLM providers, MCP tools, A2A agents, and vector/search APIs so tests avoid real paid endpoints.

Scripts

Script Depot

◈Home 🔍Search 👤Me