npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mcps-audit

v1.0.0

Published

OWASP Security Scanner for MCP Servers — scans against OWASP MCP Top 10 + Agentic AI Top 10

Downloads

83

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

proofxhqproofxhq

Keywords

mcpowaspsecurityauditscanneragentic-aimcps

Readme

mcps-audit

OWASP Security Scanner for MCP Servers. Checks your code against OWASP MCP Top 10 + OWASP Agentic AI Top 10 and generates a professional PDF security report.

Built by AgentSign.

Quick Start (3 steps)

# 1. Install it
npm install -g mcps-audit

# 2. Point it at your code
mcps-audit ./my-mcp-server

# 3. Open the PDF report
open mcps-audit-report.pdf

That's it. You get:

  • A colored terminal summary showing what passed and what failed
  • A professional PDF report (saved to ./mcps-audit-report.pdf)

How It Works (explain like I'm 5)

You have code. You want to know if it's safe.

mcps-audit reads your code files (.js, .ts, .py, .json), looks for 20 types of security problems, and tells you:

  • PASS = You're good. No serious issues found.
  • WARN = Some problems. You should fix them.
  • FAIL = Serious problems. Fix these before shipping.

It also shows you exactly which file, which line, and how to fix it.

The PDF report is designed to hand to your security team, your boss, or your client. It looks professional and covers two major standards:

  1. OWASP MCP Top 10 — Security risks specific to MCP (Model Context Protocol) servers
  2. OWASP Agentic AI Top 10 — Security risks for AI agents in general

Install

Global (recommended):

npm install -g mcps-audit

Local (in your project):

npm install --save-dev mcps-audit
npx mcps-audit .

No install (one-off):

npx mcps-audit ./my-code

Requires Node.js 18+. One dependency (pdfkit for PDF generation). No Chrome, no Puppeteer, no heavy stuff.

Usage

mcps-audit [target] [options]

| Option | What it does | Default | |--------|-------------|---------| | target | Folder or file to scan | . (current directory) | | -o, --output | Where to save the PDF | ./mcps-audit-report.pdf | | --name | Name shown in the report | Folder name | | --json | Print JSON findings to terminal | Off | | --severity | Only show this level and above: LOW MEDIUM HIGH CRITICAL | LOW (show everything) | | -v, --version | Print version | | | -h, --help | Show help | |

Examples

# Scan current directory
mcps-audit

# Scan a specific folder, name it in the report
mcps-audit ./src --name "My MCP Server"

# Only care about HIGH and CRITICAL issues
mcps-audit . --severity HIGH

# Save report somewhere specific
mcps-audit ./server -o ~/Desktop/security-report.pdf

# Get machine-readable JSON output
mcps-audit . --json

# Scan a single file
mcps-audit ./server.js

In CI/CD

# GitHub Actions
- run: npx mcps-audit . --severity HIGH
  # Exit code 1 if FAIL verdict, 0 if PASS/WARN

What It Checks

OWASP MCP Top 10 (10 risks)

| ID | Risk | What it means | |----|------|--------------| | MCP-01 | Rug Pulls | Tool definitions change after you approve them | | MCP-02 | Tool Poisoning | Hidden instructions in tool descriptions | | MCP-03 | Privilege Escalation | Combining tools to get more access than intended | | MCP-04 | Cross-Server Forgery | One MCP server tricks another | | MCP-05 | Sampling Manipulation | Server manipulates AI responses | | MCP-06 | Prompt Injection via MCP | Malicious data injected through tool responses | | MCP-07 | Resource Exhaustion | No auth = anyone can abuse your server | | MCP-08 | Insufficient Logging | No audit trail for what happened | | MCP-09 | Insecure MCP-to-MCP | No origin validation between servers | | MCP-10 | Context Pollution | Malicious data pollutes the shared context |

OWASP Agentic AI Top 10 (12 rules)

| Rule | Checks for | Severity | |------|-----------|----------| | AS-001 | exec(), eval(), subprocess — dangerous code execution | CRITICAL | | AS-002 | Hardcoded API keys, passwords, tokens | HIGH | | AS-003 | Excessive permissions (admin, delete, execute) | MEDIUM | | AS-004 | File input flowing into prompts (injection vector) | HIGH | | AS-005 | Known injection patterns: SQL, XSS, command injection | CRITICAL | | AS-006 | Code execution without sandboxing | HIGH | | AS-007 | Dependencies without lockfile or integrity checks | LOW | | AS-008 | Auto-approve, bypass safety, skip confirmation | HIGH | | AS-009 | innerHTML, document.write — unsafe output | MEDIUM | | AS-010 | No logging or monitoring detected | MEDIUM | | AS-011 | HTTP requests that could exfiltrate sensitive data | HIGH | | AS-012 | Server endpoints without authentication | HIGH |

The PDF Report

The generated report includes these sections:

  1. Cover page — Shield logo, target name, date, report ID
  2. Executive summary — PASS/WARN/FAIL verdict, risk score bar, severity counts
  3. Risk comparison — "WITHOUT MCPS" (red) vs "WITH MCPS" (green) side-by-side
  4. OWASP MCP Top 10 matrix — Pass/Fail/Warn for each of the 10 risks
  5. Agentic AI matrix — All 12 rules with MITRE ATT&CK + STRIDE mapping
  6. Detailed findings — File path, line number, code snippet, how to fix
  7. Remediation checklist — Prioritized by severity, checkbox format
  8. Methodology — Standards referenced, scanner version, contact info

Every page has footers. No blank pages. Print-ready A4.

Exit Codes

| Code | Meaning | |------|---------| | 0 | PASS or WARN verdict | | 1 | FAIL verdict (CRITICAL findings found) |

Use this in CI to fail builds on critical security issues.

Standards

License

MIT