MCP security scanner plugin - scan your installed MCP servers with 16 engines
Project description
MCPAmpel - MCP Security Scanner
Scan your installed MCP servers for security vulnerabilities, directly from your AI agent.
MCPAmpel discovers MCP servers from your Claude Code, Cursor, Windsurf, or Gemini CLI configuration, submits them to 16 scanning engines, and returns an aggregated trust score with detailed findings.
Free. 50 API calls/day.
Quick Start
uvx mcpampel
Configuration
Claude Code / Claude Desktop
Add to ~/.claude/settings.json or claude_desktop_config.json:
{
"mcpServers": {
"mcpampel": {
"command": "uvx",
"args": ["mcpampel"],
"env": {
"MCPAMPEL_API_KEY": "your_key_here"
}
}
}
}
Cursor
Add to ~/.cursor/mcp.json:
{
"mcpServers": {
"mcpampel": {
"command": "uvx",
"args": ["mcpampel"],
"env": {
"MCPAMPEL_API_KEY": "your_key_here"
}
}
}
}
Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"mcpampel": {
"command": "uvx",
"args": ["mcpampel"],
"env": {
"MCPAMPEL_API_KEY": "your_key_here"
}
}
}
}
Gemini CLI
Add to ~/.gemini/settings.json:
{
"mcpServers": {
"mcpampel": {
"command": "uvx",
"args": ["mcpampel"],
"env": {
"MCPAMPEL_API_KEY": "your_key_here"
}
}
}
}
Getting an API Key
Register for free at mcpampel.com.
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
MCPAMPEL_API_KEY |
Yes | - | Your API key (free at mcpampel.com) |
MCPAMPEL_BASE_URL |
No | https://mcpampel.com |
API base URL |
Tools
scan_my_servers
Discovers all MCP servers from your editor config and scans them with 16 engines. Returns a summary table with trust scores. No input needed.
scan_url
Scan a single GitHub, GitLab, npm, or PyPI URL. Returns trust score, engine breakdown, and findings.
| Parameter | Type | Required |
|---|---|---|
url |
string | Yes |
check_status
Show your daily quota usage and remaining scans.
get_scan_results
Get detailed results for a specific scan by ID. Use after scan_my_servers or scan_url to drill into findings.
| Parameter | Type | Required |
|---|---|---|
scan_id |
string | Yes |
Development
cd mcp-plugin
uv sync
uv run pytest
License
Apache License 2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcpampel-0.2.0.tar.gz.
File metadata
- Download URL: mcpampel-0.2.0.tar.gz
- Upload date:
- Size: 66.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
445c08f9c5930fd1a59dc9230c4d1aa5de7a51c3696f607d3a067e8b34a0c415
|
|
| MD5 |
e5c730dccf376ce20ac9186249e44456
|
|
| BLAKE2b-256 |
708c86f36d9508355cf0f43cfd31fa23e785a5ecee9c8436723b16db2230fe9d
|
File details
Details for the file mcpampel-0.2.0-py3-none-any.whl.
File metadata
- Download URL: mcpampel-0.2.0-py3-none-any.whl
- Upload date:
- Size: 14.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bbc59906747c814c6c8f1a84d2fba61066108f6c07336b0f788a63270b7161ef
|
|
| MD5 |
ce8dd1a7eefad6d04826b1d48c6fc019
|
|
| BLAKE2b-256 |
6ac515b4ff9ba583ccd71a7f108cc1c32f2d88fdb110b04cbab5bcb1792af14b
|
