npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

agentseal-mcp-intel

v0.1.3

Published

MCP server for AgentSeal — find safe MCP servers, check security before installing, and scan your AI dev environment from inside your AI coding assistant

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

agentsealagentseal

Keywords

mcpmodel-context-protocolsecurityai-safetyagentsealmcp-securityprompt-injectiontool-poisoningcursorclaude

Readme

agentseal-mcp-intel

Security scanner for MCP servers. Check any MCP server for supply-chain threats before you install it -- directly from Claude, Cursor, or Windsurf.

The problem

MCP servers can read your files, run commands, and call APIs on your behalf. Before you install one, you should know:

  • Does it exfiltrate data to external servers?
  • Does it contain prompt injection or jailbreak payloads?
  • Does it request excessive permissions?
  • Has it been independently tested?

Most people install MCP servers blindly. This tool changes that.

What it does

agentseal-mcp-intel connects your AI assistant to the AgentSeal security registry -- 3,400+ MCP servers each tested with 265+ adversarial security probes. Your assistant can look up any server, scan your environment, and flag risks before you install anything.

Quick start

Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "agentseal": {
      "command": "npx",
      "args": ["-y", "agentseal-mcp-intel"]
    }
  }
}

Cursor

Add to .cursor/mcp.json (project) or ~/.cursor/mcp.json (global):

{
  "mcpServers": {
    "agentseal": {
      "command": "npx",
      "args": ["-y", "agentseal-mcp-intel"]
    }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "agentseal": {
      "command": "npx",
      "args": ["-y", "agentseal-mcp-intel"]
    }
  }
}

Restart your AI tool. That's it.

Tools

| Tool | What it does | Network | |------|-------------|---------| | search_registry | Find safe MCP servers by use case | API call | | check_server | Check a specific server's security score before installing | API call | | check_environment | Scan all servers installed in your AI tools | API call (names only) | | check_file | Analyze an AI config file for hidden threats | 100% local | | submit_server | Submit an unknown server for scanning | API call |

search_registry

Find MCP servers by what you need. Results include trust scores so you can pick a safe option.

"Find me a PostgreSQL MCP server"
"Search for web scraping MCP servers with a score above 70"

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | query | string | Yes | What you need, e.g. "PostgreSQL", "web scraping", "send email" | | category | string | No | Filter by category | | safe_only | boolean | No | Only return servers scoring 70+ | | limit | number | No | Max results (default: 10, max: 20) |

check_server

Check the security of a specific MCP server before installing it. Accepts package names, slugs, or GitHub URLs.

"Is @modelcontextprotocol/server-github safe?"
"Check the security of https://github.com/crystaldba/postgres-mcp"
"Check mcp-server-postgres before I install it"

Returns:

  • Trust score (0-100) with risk level
  • Score breakdown across 5 dimensions (description safety, schema safety, capability risk, auth & permissions, stability)
  • Security findings with severity ratings
  • Install links and metadata

| Risk level | Score | Meaning | |-----------|-------|---------| | EXCELLENT | 85-100 | No significant issues found | | HIGH | 70-84 | Minor issues, generally safe | | MEDIUM | 50-69 | Review findings before installing | | LOW | 30-49 | Significant concerns, use with caution | | CRITICAL | 0-29 | Do not install |

check_environment

Scan all MCP servers currently installed in Claude Desktop, Cursor, and Windsurf. Checks each one against the registry and groups results by risk level.

"Scan my installed MCP servers for security issues"
"Check my Cursor MCP setup"

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | scope | string | No | Which tool to scan: all (default), claude, cursor, windsurf | | dry_run | boolean | No | Preview what would be scanned without making API calls |

Privacy: Only server names are sent to the API. Config file paths, environment variables, API keys, and credentials never leave your machine.

check_file

Analyze an AI config file for hidden security threats. Runs entirely locally -- zero data is sent anywhere.

"Check my .cursorrules file for threats"
"Scan CLAUDE.md for prompt injection"

Detects:

  • Prompt injection and jailbreak patterns
  • Invisible Unicode characters (zero-width joiners, Unicode tags, BiDi overrides)
  • Data exfiltration instructions (URL variable interpolation, fetch + secrets)
  • Base64-encoded payloads
  • Unsafe auto-approve permissions

| Supported files | |----------------| | .cursorrules / .cursor/rules | | CLAUDE.md / .claude/ | | .github/copilot-instructions.md | | .windsurfrules | | .mcp.json / claude_desktop_config.json |

check_file only accepts known AI config file patterns. Requests for arbitrary files (e.g. /etc/passwd, ~/.ssh/id_rsa) are rejected.

submit_server

Submit an MCP server that's not in the registry for security scanning. AgentSeal fetches it, runs 265+ probes, and publishes results.

"Submit mcp-server-postgres for scanning"
"Scan https://github.com/org/repo and add it to the registry"

| Parameter | Type | Required | Description | |-----------|------|----------|-------------| | name | string | Yes | Package name or GitHub URL | | package_type | string | Yes | npm, pypi, remote, or docker | | confirmed | boolean | Yes | Must be true to submit. Use false to preview. |

Requires explicit confirmation. Your AI assistant cannot submit servers without you approving it first.

Example session

You:  Check if the GitHub MCP server is safe to install.

Claude: [calls check_server("@modelcontextprotocol/server-github")]

      [AgentSeal] server-github  ~ HIGH -- 82/100
      ████████████████░░░░  82/100
      TypeScript . MIT . 18 tools . by modelcontextprotocol

      SCORE BREAKDOWN
        Desc Safety      ▪▪▪▪▪▪▪▪▪▪  95
        Schema Safety    ▪▪▪▪▪▪▪▪··  80
        Capability       ▪▪▪▪▪▪▪···  72
        Auth & Perms     ▪▪▪▪▪▪▪▪··  78
        Stability        ▪▪▪▪▪▪▪▪▪▪  100

      FINDINGS
        0 critical . 1 high . 1 medium

You:  Scan all my installed MCP servers.

Claude: [calls check_environment()]

      ENVIRONMENT SCAN -- 4 servers across 2 config files

      SAFE
        server-github          82/100  HIGH
        server-filesystem      78/100  HIGH

      REVIEW
        mcp-server-browserbase 54/100  MEDIUM  (1 finding)

      UNKNOWN
        some-custom-mcp        NOT IN REGISTRY

      ACTION REQUIRED
        Run check_server("some-custom-mcp") or submit it for scanning.

Privacy and data handling

| Action | What is read locally | What is sent to agentseal.org | What stays on your machine | |--------|---------------------|-------------------------------|---------------------------| | search_registry | Nothing | Search query | -- | | check_server | Nothing | Server name/slug | -- | | check_environment | AI tool config files | Server names only | File paths, env vars, API keys, all config values | | check_file | The specified config file | Nothing | Full file contents | | submit_server | Nothing | Package name + type | -- |

  • No telemetry. No usage tracking, no analytics, no background network calls.
  • Credentials never leave your machine. Config parsing extracts only server names.
  • check_file is 100% local. File contents are never transmitted.
  • External content is isolated. API responses are wrapped in <agentseal:external> delimiters so your AI assistant treats them as data, not instructions.
  • Source code is fully auditable. You're looking at it.

Configuration

| Environment variable | Default | Description | |---------------------|---------|-------------| | AGENTSEAL_API_KEY | -- | Pro API key for unlimited access and full findings detail | | AGENTSEAL_API_URL | https://agentseal.org | Override API base URL | | AGENTSEAL_DEBUG | 0 | Set to 1 for debug logs on stderr | | MCP_CONFIG_PATH | -- | Extra config file path for check_environment (useful in CI) |

Free vs Pro

| | Free | Pro | |---|------|-----| | Requests | 50/day | Unlimited | | Trust scores | Yes | Yes | | Finding counts | Yes | Yes | | Finding details (evidence, remediation) | -- | Yes | | Priority scanning | -- | Yes |

Get a Pro key at agentseal.org/pricing.

Requirements

  • Node.js 18 or later
  • An MCP-compatible host: Claude Desktop, Cursor, Windsurf, or any MCP client

Development

git clone https://github.com/agentseal/agentseal-mcp-intel.git
cd agentseal-mcp-intel
npm install
npm run build
npm test          # 133 tests
npm run typecheck # strict TypeScript

How it works

Your AI assistant                agentseal-mcp-intel               AgentSeal API
     |                                  |                               |
     |-- "check postgres-mcp" --------->|                               |
     |                                  |-- GET /api/v1/mcp/intel/... ->|
     |                                  |<-- trust score + findings ----|
     |<-- formatted security report ----|                               |
     |                                  |                               |
     |-- "scan my .cursorrules" ------->|                               |
     |                                  |-- [local analysis only]       |
     |<-- findings (no network call) ---|                               |

The MCP server is a thin, auditable client. All scoring intelligence lives in the AgentSeal API. Local analysis (check_file) runs entirely on your machine with zero network calls.

Security

If you find a security vulnerability, please email [email protected] instead of opening a public issue.

License

FSL-1.1-Apache-2.0 -- Functional Source License 1.1.

You may use and modify this software, but you cannot offer it as a competing commercial service. After 4 years, the license converts to Apache 2.0. The AgentSeal registry, probe suite, and scoring engine are proprietary. See fsl.software for details.