Server data from the Official MCP Registry
Thin MCP and CLI proxy for AI agent and MCP security auditing via a hosted backend
Valid MCP server (1 strong, 4 medium validity signals). 1 code issue detected. 3 known CVEs in dependencies (0 critical, 3 high severity) Package registry verified. Imported from the Official MCP Registry.
6 files analyzed · 5 issues found
Set these up before or after installing:
Environment variable: AGENT_SECURITY_API_KEY
Environment variable: AGENT_SECURITY_BASE_URL
Add this to your MCP configuration file:

```json
{
  "mcpServers": {
    "io-github-joepangallo-mcp-audit-server": {
      "env": {
        "AGENT_SECURITY_API_KEY": "your-agent-security-api-key-here",
        "AGENT_SECURITY_BASE_URL": "your-agent-security-base-url-here"
      },
      "args": [
        "-y",
        "ledd-mcp-audit-server"
      ],
      "command": "npx"
    }
  }
}
```

From the project's GitHub README.
Thin MCP server and CLI proxy for AI agent and MCP security auditing. It connects to a private audit API to analyze MCP configurations, test prompt injection resistance, trace data flows, scan packages, and generate security policies.
This package is a thin proxy. All scan logic lives in a private backend operated by you or your provider.
Managed hosted flow:

- Set AGENT_SECURITY_API_KEY; the proxy then talks to https://audit.leddconsulting.com

Self-hosted or private-network flow:

- Set AGENT_SECURITY_BASE_URL to your HTTPS API origin, or
- Set AGENT_SECURITY_HOST and AGENT_SECURITY_PORT for a loopback/private deployment

Hosted backend access is not bundled with this package. If you want managed access or a licensed private deployment, contact Ledd Consulting.

- npm package: ledd-mcp-audit-server
- MCP Registry name: io.github.joepangallo/mcp-audit-server
- Install: `npm install ledd-mcp-audit-server`
- CLI command after install: mcp-audit-server
This is the public package that should be published to npm and listed in public MCP directories. The audit engine itself stays private.
The old package name mcp-server-agent-security is retired. See MIGRATION.md for upgrade steps and the deprecation plan.
Add to your MCP client configuration (Claude Desktop, Cursor, etc.):

```json
{
  "mcpServers": {
    "mcp-audit-server": {
      "command": "npx",
      "args": ["-y", "ledd-mcp-audit-server", "--mcp"],
      "env": {
        "AGENT_SECURITY_API_KEY": "your-issued-api-key"
      }
    }
  }
}
```
For a self-hosted backend, add AGENT_SECURITY_BASE_URL to that same env block.
The server exposes 10 tools over stdio:

| Tool | Description |
|---|---|
| audit_mcp_config | Static analysis of MCP config JSON for privilege, auth, transport, and launch risks |
| audit_mcp_server | Active probing of a running MCP server over stdio (requires AGENT_SECURITY_ADMIN_MODE=1) |
| audit_agent_trust | Trust audit for tool permissions, execution provenance, secret exposure controls, policy drift, and deployment trust score |
| audit_prompt_injection | Tests a system prompt against a 30+ payload injection catalog |
| audit_agent_dataflow | Traces PII and secret exposure through an agent's tool pipeline |
| scan_mcp_package | Scans an npm MCP package for dependency vulnerabilities and dangerous patterns |
| generate_report | Combines multiple audit results into a composite report with executive summary |
| fix_mcp_config | Auto-remediates config issues: removes unsafe flags, upgrades transport, redacts secrets |
| harden_system_prompt | Appends injection-resistant guardrails to a system prompt |
| generate_policy | Generates an enforceable JSON security policy from an MCP config |
The CLI forwards commands to the private audit API.

```bash
# Hosted quick start
export AGENT_SECURITY_API_KEY=your-issued-api-key

# Audit an MCP configuration file
mcp-audit-server scan-config ./claude_desktop_config.json

# Probe a live MCP server (requires AGENT_SECURITY_ADMIN_MODE=1)
mcp-audit-server scan-server npx -y @modelcontextprotocol/server-filesystem /tmp

# Audit trust posture and policy drift for an agent/MCP deployment
mcp-audit-server scan-trust ./claude_desktop_config.json ./claimed-policy.json

# Scan an npm package for vulnerabilities
mcp-audit-server scan-package @modelcontextprotocol/server-shell

# Test a system prompt for injection vulnerabilities
mcp-audit-server scan-injection ./system-prompt.txt

# Trace data flows through an MCP config
mcp-audit-server scan-dataflow ./claude_desktop_config.json

# Auto-fix security issues in an MCP config
mcp-audit-server fix-config ./claude_desktop_config.json

# Harden a system prompt against injection
mcp-audit-server harden-prompt ./system-prompt.txt

# Generate a security policy from an MCP config
mcp-audit-server generate-policy ./claude_desktop_config.json

# Retrieve a previous audit report
mcp-audit-server report <audit-id>

# Output raw JSON instead of formatted tables
mcp-audit-server scan-config ./config.json --json

# Start in MCP stdio server mode
mcp-audit-server --mcp
```
For a self-hosted backend, also set AGENT_SECURITY_BASE_URL=https://your-audit-host.
| Variable | Default | Description |
|---|---|---|
| AGENT_SECURITY_BASE_URL | (none) | Full audit API origin, e.g. https://audit.example.com |
| AGENT_SECURITY_HOST | 127.0.0.1 | Self-hosted/private-network audit API host |
| AGENT_SECURITY_PORT | 3091 | Self-hosted/private-network audit API port |
| AGENT_SECURITY_API_KEY | (none) | API key for authenticated access. If set with no endpoint overrides, the package uses https://audit.leddconsulting.com |
| AGENT_SECURITY_REQUEST_TIMEOUT_MS | 15000 | Request timeout for CLI and MCP proxy calls |
| AGENT_SECURITY_ADMIN_MODE | (none) | Set to 1 to enable active server probing |

Default endpoint: https://audit.leddconsulting.com when AGENT_SECURITY_API_KEY is set. Use AGENT_SECURITY_BASE_URL for other hosted HTTPS deployments, or AGENT_SECURITY_HOST and AGENT_SECURITY_PORT for local/private-network deployments.

License: MIT
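As an added illustration (not code from ledd-mcp-audit-server), the following JavaScript resolves which backend the proxy would call from the variables in the table above, in the precedence the table and the hosted/self-hosted flow description give. The function name, the loopback host set, the plain-http scheme for HOST/PORT deployments and the plaintext-transport warning are assumptions made here, not behaviour the README documents.

```javascript
// Added example, not the package's own code. Resolves the audit backend from an
// env-like object: AGENT_SECURITY_BASE_URL > AGENT_SECURITY_HOST/PORT > hosted
// default (only when AGENT_SECURITY_API_KEY is set). Defaults come from the README.
const DEFAULT_HOSTED_ORIGIN = "https://audit.leddconsulting.com";
const DEFAULT_HOST = "127.0.0.1";
const DEFAULT_PORT = 3091;
const DEFAULT_TIMEOUT_MS = 15000;
// Assumption: these hostnames mean the API key never leaves the machine.
const LOOPBACK_HOSTS = new Set(["127.0.0.1", "localhost", "::1", "[::1]"]);
const PLAINTEXT_WARNING =
  "plaintext transport to a non-loopback host: the API key would cross the network unencrypted";

function resolveAuditEndpoint(env) {
  const timeoutMs = Number(env.AGENT_SECURITY_REQUEST_TIMEOUT_MS ?? DEFAULT_TIMEOUT_MS);
  if (!Number.isInteger(timeoutMs) || timeoutMs <= 0) {
    throw new Error("AGENT_SECURITY_REQUEST_TIMEOUT_MS must be a positive integer");
  }
  const warnings = [];
  let origin;
  let mode;
  if (env.AGENT_SECURITY_BASE_URL) {
    // A full origin wins over HOST/PORT; any path or query is dropped by .origin.
    const url = new URL(env.AGENT_SECURITY_BASE_URL);
    origin = url.origin;
    mode = "base-url";
    if (url.protocol !== "https:" && !LOOPBACK_HOSTS.has(url.hostname.toLowerCase())) {
      warnings.push(PLAINTEXT_WARNING);
    }
  } else if (env.AGENT_SECURITY_HOST || env.AGENT_SECURITY_PORT) {
    const host = env.AGENT_SECURITY_HOST || DEFAULT_HOST;
    const port = Number(env.AGENT_SECURITY_PORT || DEFAULT_PORT);
    if (!Number.isInteger(port) || port < 1 || port > 65535) {
      throw new Error("AGENT_SECURITY_PORT must be a TCP port number");
    }
    origin = `http://${host}:${port}`; // assumption: HOST/PORT deployments use plain http
    mode = "private-network";
    if (!LOOPBACK_HOSTS.has(host.toLowerCase())) warnings.push(PLAINTEXT_WARNING);
  } else if (env.AGENT_SECURITY_API_KEY) {
    origin = DEFAULT_HOSTED_ORIGIN;
    mode = "hosted";
  } else {
    throw new Error("no backend configured: set AGENT_SECURITY_API_KEY, AGENT_SECURITY_BASE_URL, or AGENT_SECURITY_HOST/PORT");
  }
  return {
    origin,
    mode,
    timeoutMs,
    hasApiKey: Boolean(env.AGENT_SECURITY_API_KEY),
    // README: active probing (audit_mcp_server / scan-server) needs AGENT_SECURITY_ADMIN_MODE=1.
    activeProbingEnabled: env.AGENT_SECURITY_ADMIN_MODE === "1",
    warnings,
  };
}
```

Run it against `process.env` before forwarding any request; a non-empty `warnings` array is the signal to stop and fix the deployment rather than send the key.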
Built by Ledd Consulting