Scans MCP servers for 40+ attack classes, including tool poisoning and prompt injection.

Product memo

Targets developers vetting MCP servers and registry operators publishing safe catalogs. Its unique angle: a multi-LLM consensus approach combined with static analysis to detect sophisticated threats like tool poisoning and indirect prompt injection. Provides an AIVSS score for risk assessment, carving out a niche in a rapidly evolving threat landscape.

For who

Developers vetting MCP servers and registry operators

Solves what

Scans MCP servers for over 40 attack classes including tool poisoning and prompt injection.

  • 5-LLM consensus panel
  • Static analysis for code bugs
  • Permission audits

In their own words

Is this

Fast verdict in 3 minutes. Deep LLM-judge consensus in 20 minutes. Public packages free; private repos for teams shipping their own.

Paste any MCP server URL or package name. Get an AIVSS score, vulnerability findings, and remediation in a few minutes.

CTA: Create free account

Commercial cues

Pricing snapshot $19/mo entry with free tier

Model

subscription

Free tier

Yes

Trial

Available

Free

Free/mo

Public scans · Badge embed · Scan history (signed-in)

Developer

Popular
$19/mo

$15.73/mo billed annually

1 user · Public and Private scans · API key access

Team

$49/mo

$40.87/mo billed annually

5 seats included · Public and Private scans · API key access

Business

$149/mo

$124.17/mo billed annually

20 seats included · Public and Private scans · Priority support

Pricing Strategy

Offers a tiered subscription model with a generous free tier, appealing to individual developers and growing teams with usage-based limits.

Key Tactics
  • A free tier for public scans drives rapid adoption and builds trust within the developer community.
  • Usage-based limits per tier encourage natural upgrades as teams scale their security needs.
  • Annual plans offer roughly a 17% discount, incentivizing longer-term commitment and reducing churn.

Operator context

Founded

May 2026

Builder Strategy

Strategy Type
Niche Specialist
Stage
Bootstrapped Lean
Effort
Solo Buildable
Core Thesis

Targets developers vetting MCP servers with a clear value prop: fast, multi-LLM security scans for known and novel threats.

Unfair Advantages

  • Proprietary Data: Proprietary 5-LLM consensus model for detecting novel threats

  • Unorthodox Pricing: Free tier for public scans drives adoption and network effects

Builder Lesson

Leverage AI consensus for novel threat detection to create a defensible moat against static analysis tools.

Full Reasoning

Wins by laser-focusing on a specific, high-pain point for developers: the security of MCP servers and their dependencies. The core wedge is its 5-LLM consensus, designed to catch threats traditional static analysis misses. This creates a defensible moat, as replicating the specific AI model training and tuning is non-trivial. The free tier for public scans acts as a powerful distribution channel and trust builder. Other builders should identify niches where novel AI capabilities can create a moat that incumbents struggle to copy, then offer a clear path to value.

About MCPSafe: Security scanner for MCP servers

MCPSafe provides a critical security layer for developers and registry operators navigating the complexities of MCP servers. This platform specializes in scanning MCP servers for a wide array of vulnerabilities, including sophisticated threats like tool poisoning, prompt injection, OAuth misconfigurations, and command injection. Leveraging a unique multi-LLM consensus approach alongside robust static analysis, it delivers an AIVSS score, offering a clear, actionable risk assessment.

Built for the modern developer, MCPSafe simplifies the process of vetting server integrity. Users simply paste an MCP server URL or package name to receive comprehensive vulnerability findings and remediation guidance within minutes. Its tiered pricing, including a free option for public scans, makes advanced security accessible, fostering a safer ecosystem for software development and deployment.

© 2026 ProvenRadar. Market intelligence for indie builders.