MCP servers in the Security category. Search by intent and copy ready-made configs for Claude Code and Cursor.
Top 12 — Security
agentaegis-mcp
Community
Security & trust layer for AI agents. Scan an MCP server or skill *before* you install it (`scan_mcp_plugin`, `scan_skill`) — flags exfiltration, prompt-injection sinks, dangerous capabilities, install hooks and obfuscation → PROCEED/CAUTION/BLOCK. Plus `vet_endpoint` (endpoint safety verdict before an agent calls or pays it) and 25 more tools: vuln scans, threat intel, compliance (SOC 2/ISO 27001/HIPAA), code security (SAST/secret/dependency), identity — 28 total. Per-call billing via API key or x402 USDC on Base; free discovery tier.
Security and governance proxy for MCP infrastructure. Enforces YAML-configurable policies (blocklists, rate limits, token budgets), tracks real token costs via tiktoken, monitors server health with live JSON-RPC probes. Features include OAuth 2.1/OIDC with RBAC, web dashboard with Prometheus metrics, payload normalization against encoding bypasses, semantic shell AST analysis, mTLS zero-trust networking, circuit breakers, and a formal STRIDE threat model. 168 tests across 16 suites. Install: npm install -g @mcp-guardian/server
URL fetcher and HTML-to-markdown converter with three-layer prompt injection defense: pre-extraction sanitization of hidden/off-screen elements and non-printing Unicode, 15-pattern risk scanning (HIGH/MEDIUM/OK), and per-request session-salt content boundary wrapping.
AI Agent Security Middleware & MCP Server with 8-layer defense including prompt injection detection, DLP data flow tracking, command blocking, and PII detection. 7 MCP tools, zero dependencies.
Enterprise AI governance layer with 29 tools: MAI decision classification (Mandatory/Advisory/Informational), hash-chained forensic audit trails, human-in-the-loop gates, compliance mapping (NIST AI RMF, EU AI Act, ISO 42001), governed memory packs, and site reliability tools.