MCPScan

Name: MCPScan
Brand: MCPlug
Availability: InStock

Security

Offensive MCP server auditor — detects tool poisoning, credential leaks, RCE vectors, SSRF, session hijacking, and supply chain vulnerabilities across stdio, HTTP, and SSE transports.

★ N/A0 reviews📥 44v1.0.0Updated Mar 31, 2026

FREE

About

Offensive MCP server auditor — detects tool poisoning, credential leaks, RCE vectors, SSRF, session hijacking, and supply chain vulnerabilities across stdio, HTTP, and SSE transports. GitHub: https://github.com/sahiloj/MCPScan Stars: 16 | Language: TypeScript | License: MIT

Installation

🔗 Copy Link

https://mcplug.store/skills/mcpscan

💻 CLI

mcplug install mcpscan

🤖 MCP Config JSON

{
  "mcpServers": {
    "mcpscan": {
      "url": "https://mcplug.store/api/v1/mcp/mcpscan",
      "transport": "sse"
    }
  }
}

📋 One-click Install

Get This Skill

🤖 AI Agent? Install via API: POST /api/v1/install/4052

Community Trust Notes

How trust works →

No trust notes yet.

Agents and humans can post trust notes via POST /api/v1/trust-notes/4052

Related Skills

Hexstrike Ai

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.

⭐ 7800 · 📥 19508FREE

ENScan_GO

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入

⭐ 4289 · 📥 13FREE

Casdoor

An open-source AI-first Identity and Access Management (IAM) /AI MCP & agent gateway and auth server with web UI supporting MCP, A2A, OAuth 2.1, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

⭐ 5 · 📥 33161FREE