Esta página se muestra en inglés. Una traducción al español está en curso.
MCP ConfigsMay 12, 2026·3 min de lectura

mcp-audit — Scan MCP Configs for Secrets & Shadow APIs

Audit MCP server configs and source trees to find exposed secrets, risky endpoints, and model access. Outputs JSON/CSV/SARIF/CycloneDX AI-BOM for CI gates.

Listo para agents

Staging seguro para este activo

Este activo primero queda en staging. El prompt copiado pide inspeccionar los archivos staged antes de activar scripts, config MCP o config global.

Stage only · 27/100Política: staging
Superficie agent
Cualquier agent MCP/CLI
Tipo
Mcp Config
Instalación
Pip
Confianza
Confianza: Established
Entrada
pip install mcp-audit && mcp-audit --help
Comando de staging seguro
npx -y tokrepo@latest install 67ac2a2b-e81c-50f9-bb30-0943e7df8787 --target codex

Primero deja archivos en staging; la activación requiere revisar el README y el plan staged.

Introducción

mcp-audit is a security-focused CLI that inventories MCP configurations and can optionally analyze MCP server source code, so teams can understand what their agents can access before shipping.

Best for: Security reviews for agent toolchains, CI compliance, and MCP governance

Works with: Local repos/paths; JSON/CSV/SARIF/CycloneDX outputs; CLI-first workflows

Setup time: 5–10 minutes

Key facts (verified)

  • Supports scan for configs and source-scan for code per README.
  • Exports JSON, CSV, Markdown, SARIF, and CycloneDX 1.6 AI-BOM formats (README).
  • GitHub: 149 stars · 37 forks; pushed 2026-05-12 (GitHub API verified).

Main

Use mcp-audit as a guardrail, not a one-off report:

  • Add mcp-audit scan to CI to catch accidental secret commits in MCP configs.
  • Run source-scan on any in-house MCP server before granting it broad access.
  • Prefer SARIF output if you already use GitHub code scanning, so findings land where engineers work.

README excerpt (verbatim)

MCP Audit

License: MIT Python 3.9+ GitHub release

See what your AI agents can access - before they go live.

Web App MCP Audit Web App

CLI MCP Audit CLI

What It Does

MCP Audit scans your AI development tools (Claude Desktop, Cursor, VS Code) and reveals:

  • Secrets - Exposed API keys, tokens, database passwords
  • APIs - Every endpoint your AI agents connect to
  • AI Models - Which LLMs are configured (GPT-4, Claude, Llama)
  • Risk Flags - Shell access, filesystem access, unverified sources
⚠️  2 SECRET(S) DETECTED - IMMEDIATE ACTION REQUIRED

[CRITICAL] GitHub Personal Access Token
  Location: github-tools  env.GITHUB_TOKEN
  Remediation: https://github.com/settings/tokens  Delete  Recreate

[HIGH] Database Connection String
  Location: postgres-mcp  env.DATABASE_URL
  Remediation: Rotate credentials, use secrets manager

Source-level Scanning (new in v1.1)

mcp-audit scan inventories MCP server configurations. The new mcp-audit source-scan command goes one level deeper — it reads the MCP server's own source code and flags code-level vulnerabilities the server author may have introduced.

Today it catches the "Prompt In, Shell Out" attack chain: an MCP server that pipes an LLM-controlled tool argument into a shell-spawning API (child_process.exec, util.promisify(exec), subprocess.run(shell=True), os.system, os.popen) without sanitization. An attacker controlling the LLM input can inject shell metacharacters and execute arbitrary code on the host running the MCP server.

$ mcp-audit source-scan ./packages/my-mcp-server

MCP source-scan: packages/my-mcp-server
1 critical · 0 high · 1 finding(s) total

  Severity  Conf  File:Line      API                                          Snippet
  CRITICAL  high  server.js:19   util.promisify(child_process.exec) ...       const { stdout } = await execAsync(

Outputs:

  • --format table (default, human-readable)

FAQ

Q: What does scan look at? A: README says it inventories MCP server configurations and summarizes access.

Q: When should I use source-scan? A: Use it for in-house or unverified servers to catch code-level risks.

Q: What output fits CI? A: JSON for parsing, or SARIF/CycloneDX when integrating with security tooling.

🙏

Fuente y agradecimientos

Source: https://github.com/apisec-inc/mcp-audit > License: MIT > GitHub stars: 149 · forks: 37

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados