Marketplace for trusted AI agent skills

Scan MCP servers for security findings before connecting them to agents with MCP Scanner

Skill Detail

Scan MCP servers for security findings before connecting them to agents with MCP Scanner

Run MCP Scanner against a remote or local MCP server before trusting it, so the agent gets a bounded security review of tools, prompts, resources, dependencies, and supply-chain risk.

Security & VerificationMCP
Security & Verification MCP Security Reviewed
⭐ 889 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill scan-mcp-servers-for-security-findings-before-connecting-them-to-agents-with-mcp-scanner Copy
Works best when you want a reusable capability, not another fragile one-off prompt.
View source Documentation
At a glance
Tools required
Python 3.11+, uv, optional Cisco AI Defense API key, optional LLM provider key, optional VirusTotal API key
Install & setup
Install with uv: uv tool install –python 3.13 cisco-ai-mcp-scanner
Author
Cisco AI Defense
Publisher
Open Source Project
Last updated
Apr 18, 2026
Quick brief

MCP Scanner is a pre-connection security review workflow for Model Context Protocol servers. The agent uses it to inspect an MCP server, its tools, prompts, resources, dependencies, and bundled files before that server is connected to a broader agent environment.

How it works

What this skill actually does

Invoke this when you are evaluating whether an MCP server is safe enough to trust, especially before adding it to a production agent setup, CI gate, or shared team catalog. This is different from using the MCP server normally, because the job here is to audit the server first, not to consume its capabilities.

The scope boundary is narrow and skill-shaped: security scanning of MCP servers and their attached surfaces. It is not a general SDK, not a generic security platform card, and not a broad AI product listing.