← Back to directory

MCP servers: Security

MCP servers in the Security category. Search by intent and copy ready-made configs for Claude Code and Cursor.

Top 12 — Security

agentaegis-mcp

Community

Security & trust layer for AI agents. Scan an MCP server or skill *before* you install it (`scan_mcp_plugin`, `scan_skill`) — flags exfiltration, prompt-injection sinks, dangerous capabilities, install hooks and obfuscation → PROCEED/CAUTION/BLOCK. Plus `vet_endpoint` (endpoint safety verdict before an agent calls or pays it) and 25 more tools: vuln scans, threat intel, compliance (SOC 2/ISO 27001/HIPAA), code security (SAST/secret/dependency), identity — 28 total. Per-call billing via API key or x402 USDC on Base; free discovery tier.

Security typescript

No reliable install_ref — see repo instructions.

orihime

Community

Cross-repository code knowledge graph MCP server for Java, Kotlin, JavaScript, and TypeScript. Indexes source into embedded KuzuDB via tree-sitter; 30+ tools for call-flow tracing, multi-hop taint analysis (OWASP/CWE/PCI/STIG reports), entry-point reachability filtering, performance hotspot detection, and license compliance — without reading source files. 95% fewer tokens vs source-reading baseline. `pip install orihime`

Security python
claude mcp add orihime -- pip install orihime

authbox

Community

Zero-knowledge password manager with MCP credential gateway. BIP-39 seed phrase recovery, deterministic passwords, policy-gated AI agent access (scope, rate limits, time windows, step-up approval), 70+ API key providers, and hash-chain audit trail. Go + Next.js + TypeScript.

Security typescript

No reliable install_ref — see repo instructions.

AIM-Guard-MCP

Community

Security-focused MCP server that provides safety guidelines and content analysis for AI agents.

Security typescript

No reliable install_ref — see repo instructions.

mcp-guardian

Community

Security and governance proxy for MCP infrastructure. Enforces YAML-configurable policies (blocklists, rate limits, token budgets), tracks real token costs via tiktoken, monitors server health with live JSON-RPC probes. Features include OAuth 2.1/OIDC with RBAC, web dashboard with Prometheus metrics, payload normalization against encoding bypasses, semantic shell AST analysis, mTLS zero-trust networking, circuit breakers, and a formal STRIDE threat model. 168 tests across 16 suites. Install: npm install -g @mcp-guardian/server

Security typescript

No reliable install_ref — see repo instructions.

roadrecon_mcp_server

Community

MCP server for analyzing ROADrecon gather results from Azure tenant enumeration

Security python

No reliable install_ref — see repo instructions.

cloud-audit

Community

Open-source AWS security scanner with attack chain detection, breach cost estimation, and copy-paste remediation (CLI + Terraform). 47 checks, 16 attack chain rules. First free standalone AWS security MCP server.

Security python

No reliable install_ref — see repo instructions.

fetch-guard

Community

URL fetcher and HTML-to-markdown converter with three-layer prompt injection defense: pre-extraction sanitization of hidden/off-screen elements and non-printing Unicode, 15-pattern risk scanning (HIGH/MEDIUM/OK), and per-request session-salt content boundary wrapping.

Security python

No reliable install_ref — see repo instructions.

shellward

Community

AI Agent Security Middleware & MCP Server with 8-layer defense including prompt injection detection, DLP data flow tracking, command blocking, and PII detection. 7 MCP tools, zero dependencies.

Security typescript

No reliable install_ref — see repo instructions.

gia-mcp-server

Community

Enterprise AI governance layer with 29 tools: MAI decision classification (Mandatory/Advisory/Informational), hash-chained forensic audit trails, human-in-the-loop gates, compliance mapping (NIST AI RMF, EU AI Act, ISO 42001), governed memory packs, and site reliability tools.

Security typescript

No reliable install_ref — see repo instructions.

cleaner-code

Community

AI code security scanner MCP server. Detects 9 categories of threats in AI-generated code (invisible Unicode, Trojan Source, homoglyphs, Glassworm steganography, rules file backdoors, dependency typosquatting, obfuscation) using static analysis plus CodeBERT deep learning. Runs locally, free tier.

Security typescript

No reliable install_ref — see repo instructions.

clawguard-mcp

Community

Security scanner for AI agents that detects prompt injections using 42+ regex patterns

Security python

No reliable install_ref — see repo instructions.

Most trusted

Catalog: Last synced: —

Source: awesome-mcp-servers (CC0) — punkpeye/awesome-mcp-servers

Curated by punkpeye — enriched with GitHub signals.