Cisco MCP Scanner
Enterprise-grade MCP server security scanner combining Cisco AI Defense inspect API, YARA rules, and LLM-as-a-judge to detect malicious MCP tools. CLI and REST API modes.
- Scan all MCP servers for tool poisoning and rug pull attacks
- Add custom YARA rules to detect organization-specific threat patterns
- Run production readiness assessments on MCP server configurations
Major vendor backing (Cisco) gives enterprise credibility. Detects tool poisoning, rug pull attacks, and over-privileged permissions. Customizable YARA rules.
Enterprise security teams scanning MCP server deployments for threats.
https://github.com/cisco-ai-defense/mcp-scanner
By Cisco AI Defense
How to Get It
Trust Signals Automated Scan
Data & Access
Community Pulse Active
Discussed on Hacker News, Reddit
- i dug through claude code's leaked source and anthropic's codebase is absolutely — Reddit · 5505 pts
- MCP-Scanner – Scan MCP Servers for vulnerabilities — Hacker News · 168 pts
- State of the MCP ecosystem — Reddit · 69 pts
23 mentions across 2 sources
Reviewer notes
Automated Scan review. These are observations, not a security certification.
Official Cisco AI Defense product. Enterprise-grade.
How to evaluate tools before deploying →
Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.