Code & Scripts

MCP Security Audit Tool for Local Agent Stacks

A CLI scanner that reads local MCP server configs and emits a Markdown + JSON audit report covering tool surface area, auth methods, and blast radius.

A CLI scanner that reads local MCP server configs and emits a Markdown + JSON audit report covering tool surface area, auth methods, and blast radius.

What's Inside

  • πŸ“¦mcpaudit/cli.py β€” CLI entry point (mcpaudit scan) with output flags and CI-ready exit codes
  • πŸ“¦mcpaudit/discovery.py β€” Auto-finds MCP configs across all supported client locations
  • πŸ“¦mcpaudit/rules.py β€” 12 static analysis rules covering auth, scope, transport, and blast radius
  • πŸ“¦mcpaudit/report.py β€” Renders Markdown and JSON audit reports from findings
  • πŸ“¦mcpaudit/templates/report.md.j2 β€” Jinja2 report template (customizable)
  • πŸ“¦sample-report.md / sample-report.json β€” Pre-generated examples showing every severity level
  • πŸ“¦tests/ β€” 58 passing unit tests with 4 fixture configs (minimal, risky, clean, worst-case)
  • πŸ“¦README.md β€” Setup and usage guide; honest about what the tool does *not* cover
$29

One-time purchase

⚑Instant download after purchase
πŸ“§Download link sent to your email
πŸ”„7-day download access
βœ…14-day money-back guarantee
View refund policy
Quality Score

9/10