Skip to main content

Scans MCP servers for over 40 vulnerability types using static analysis and LLMs.

Gallery Image 1
1/3
Loading signal evidence

Product memo

Developers and registry operators vetting MCP servers use MCPSafe to find over 40 types of vulnerabilities. This multi-layered approach detects advanced threats like tool poisoning and indirect prompt injection, offering a broad assessment for supply chain security.

For who

Developers vetting MCP servers and registry operators

Solves what

Scans MCP servers for over 40 types of vulnerabilities and attack classes.

  • 5 LLM consensus panel
  • Static analysis
  • Permission audit

In their own words

Is this

Fast verdict in 3 minutes. Deep LLM-judge consensus in 20 minutes. Public packages free; private repos for teams shipping their own.

Paste any MCP server URL or package name. Get an AIVSS score, vulnerability findings, and remediation in few minutes.

CTA: Create free account

Commercial cues

Pricing snapshot subscription with free tier

Model

subscription

Free tier

Yes

Trial

Available

No public pricing tiers captured.

Pricing Strategy

Key Tactics
  • A free tier for public scans encourages adoption and broad visibility.
  • Seat-based tiers define team size and collaboration needs clearly.

Operator context

Operating setup

Founded

May 2026

Platform

Web app

Audience

Developers

Builder Strategy

Strategy Type
Niche Specialist
Stage
Pre Revenue
Effort
Solo Buildable
About MCPSafe Security scanner for MCP servers Expand

MCPSafe provides a specialized security scanner for MCP servers, helping developers and registry operators identify and remediate vulnerabilities. This unique approach allows MCPSafe to detect advanced threats such as tool poisoning and indirect prompt injection, which often evade standard security measures.

The platform offers an AIVSS score, detailed vulnerability findings, and remediation guidance, making it a critical tool for maintaining supply chain security in the MCP ecosystem. Its tiered pricing, including a free option, supports adoption across individual developers to larger business teams.