MCP server for static security analysis of Android application source code.
Analyzes Android project source files — without building the project — and returns a structured security report. The analysis covers: * Manifest analysis — exported components, dangerous permissions, cleartext traffic, debug flags, backup settings, SDK versions * Gradle/build config — release build misconfigurations, outdated SDKs, suspicious dependencies, hardcoded secrets * Source code (Java/Kotlin) — insecure WebView, SSL/TLS bypass, weak crypto, SQL injection patterns, process execution, insecure file storage, PendingIntent issues * XML configuration — network security config weaknesses, overly broad file provider paths * Secret scanning — API keys, tokens, passwords, private keys, cloud credentials, high-entropy strings
All analysis is regex/pattern-based and runs natively in the Workers runtime with no external tools, Java, or Android SDK required.
This is a well-architected Android security analyzer MCP server with proper input validation, clean code structure, and appropriate permissions for its purpose. A few minor code quality issues were identified but do not pose security risks. Supply chain analysis found 3 known vulnerabilities in dependencies (1 critical, 1 high severity).
6 files analyzed · 5 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Available as Local & Remote
This plugin can run on your machine or connect to a hosted endpoint. during install.
Once installed, try these example prompts and explore these capabilities:
Be the first to review this server!
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
by mcp-marketplace · Developer Tools
Scaffold, build, and publish TypeScript MCP servers to npm — conversationally
by mcp-marketplace · Finance
Free stock data and market news for any MCP-compatible AI assistant.
by Taylorwilsdon · Productivity
Control Gmail, Calendar, Docs, Sheets, Drive, and more from your AI