
Scans MCP servers for over 40 vulnerability types using static analysis and LLMs.

Product memo
Developers and registry operators vetting MCP servers use MCPSafe to find over 40 types of vulnerabilities. This multi-layered approach detects advanced threats like tool poisoning and indirect prompt injection, offering a broad assessment for supply chain security.
For who
Developers vetting MCP servers and registry operators
Solves what
Scans MCP servers for over 40 types of vulnerabilities and attack classes.
- 5 LLM consensus panel
- Static analysis
- Permission audit
In their own words
Is this
Fast verdict in 3 minutes. Deep LLM-judge consensus in 20 minutes. Public packages free; private repos for teams shipping their own.
Paste any MCP server URL or package name. Get an AIVSS score, vulnerability findings, and remediation in few minutes.
Commercial cues
Model
subscription
Free tier
Yes
Trial
Available
Pricing Strategy
- • A free tier for public scans encourages adoption and broad visibility.
- • Seat-based tiers define team size and collaboration needs clearly.
Operator context
Operating setup
Founded
May 2026
Platform
Web app
Audience
Developers
Builder Strategy
- Strategy Type
- Niche Specialist
- Stage
- Pre Revenue
- Effort
- Solo Buildable
About MCPSafe Security scanner for MCP servers Expand
MCPSafe provides a specialized security scanner for MCP servers, helping developers and registry operators identify and remediate vulnerabilities. This unique approach allows MCPSafe to detect advanced threats such as tool poisoning and indirect prompt injection, which often evade standard security measures.
The platform offers an AIVSS score, detailed vulnerability findings, and remediation guidance, making it a critical tool for maintaining supply chain security in the MCP ecosystem. Its tiered pricing, including a free option, supports adoption across individual developers to larger business teams.
