Unified security dashboard for MCP/A2A scanner results
Project description
MCP-Scope
Unified security dashboard for MCP/A2A scanner results
Try it live on HuggingFace Spaces — see the dashboard with seeded demo data.
Consumes output from multiple MCP/A2A security scanners (Cisco MCP Scanner, Cisco A2A Scanner, mcp-scan, MCPwn, SARIF) and presents a consolidated view of your security posture via a web dashboard, REST API, and CLI.
Quick Start
pip install -e .
# Generate demo data and explore
mcpscope seed
mcpscope serve
# Run a scan directly against a server
mcpscope scan mcp-scan https://mcp-server.example.com/mcp
# Import results from different scanners
mcpscope import cisco-mcp results.json
mcpscope import cisco-a2a results.json
mcpscope import mcpwn results.json
mcpscope import sarif report.sarif
# Export a compliance report
mcpscope report --format csv --output report.csv
# Backup/Restore
mcpscope backup backup.db
mcpscope restore backup.db
Commands
| Command | Description |
|---|---|
serve |
Start the FastAPI web dashboard |
scan |
Run a scanner directly against a target |
import |
Import scanner JSON/SARIF results into SQLite |
report |
Export JSON, CSV, or PDF compliance report |
seed |
Generate demo scan data |
prune |
Delete scans older than N days |
backup |
Backup the SQLite database |
restore |
Restore the SQLite database from backup |
config |
View or set configuration options |
API Endpoints
| Endpoint | Description |
|---|---|
GET / |
Dashboard UI with filters and tabs |
GET /findings/{id} |
Finding detail page |
GET /docs |
Swagger UI |
GET /api/health |
Health check |
GET /api/scans |
List scans (paginated) |
GET /api/scans/{id} |
Scan details with findings |
GET /api/scans/{a}/diff/{b} |
Compare two scans |
GET /api/findings |
Query findings (paginated, filterable) |
GET /api/findings/{id} |
Single finding |
GET /api/stats/summary |
Aggregated statistics |
GET /api/stats/top-tools |
Most vulnerable tools |
GET /api/stats/severity-trend |
Findings over time |
GET /api/stats/duplicates |
Deduplicated findings |
GET /api/report/json |
Full JSON report |
GET /api/report/csv |
CSV export |
API Usage Examples
# Health check
curl http://localhost:8080/api/health
# List scans (paginated)
curl "http://localhost:8080/api/scans?page=1&page_size=10"
# Get scan with findings
curl http://localhost:8080/api/scans/scan-id-here
# Query findings with filters
curl "http://localhost:8080/api/findings?severity=critical&page=1"
# Search findings
curl "http://localhost:8080/api/findings?search=command"
# Compare two scans
curl "http://localhost:8080/api/scans/scan-a/diff/scan-b"
# Get stats summary
curl http://localhost:8080/api/stats/summary
# Get duplicates
curl http://localhost:8080/api/stats/duplicates
# Export as CSV
curl http://localhost:8080/api/report/csv -o report.csv
# Full JSON report
curl http://localhost:8080/api/report/json
# With API key authentication
curl -H "X-API-Key: your-key" http://localhost:8080/api/scans
# Swagger docs
open http://localhost:8080/docs
Dashboard Features
- Overview tab — Severity pie chart, top tools bar chart, severity trend over time
- Findings tab — Filterable table with severity/scanner/tool/search, pagination, clickable rows for detail view
- Duplicates tab — Grouped findings by tool + title + severity across scans
- Diff tab — Side-by-side comparison between any two scans
- Scans tab — Historical scan table with severity counts
- Auto-refresh — Configurable auto-refresh interval
- Finding detail page — Full details including raw JSON data
Supported Scanners
| Scanner | CLI Name | Format |
|---|---|---|
| Cisco MCP Scanner | cisco-mcp |
scan_results with analyzer-grouped findings |
| Cisco A2A Scanner | cisco-a2a |
findings with AI Security Taxonomy metadata |
| mcp-scan (Invariant Labs) | mcp-scan / mcpscan |
issues array with severity codes |
| MCPwn (ressl) | mcpwn |
Standard findings with MCP-XXX IDs |
| MCPwn (Teycir legacy) | mcpwn |
Legacy test-based format |
| SARIF | sarif |
Standard SARIF 2.1 format |
Screenshots
| Dashboard Overview | Findings Table |
|---|---|
| Scan Diff | Finding Detail |
Run mcpscope seed && mcpscope serve and open http://localhost:8080 to see the live dashboard.
CI/CD Integration
Secure the API with an API key:
mcpscope config set api_key "your-secret-key"
mcpscope serve
# All /api/* endpoints now require: X-API-Key: your-secret-key
A GitHub Actions workflow is included for automated scanning.
Slack alerts for critical/high findings:
mcpscope config set slack_webhook_url "https://hooks.slack.com/services/..."
Webhook URLs for custom integrations:
mcpscope config set webhook_urls '["https://your-server.com/webhook"]'
Configuration
Config file at ~/.mcpscope/config.json:
mcpscope config show
mcpscope config set port 9090
mcpscope config set auto_refresh_seconds 60
mcpscope config set max_upload_mb 100
Docker
docker build -t mcpscope .
docker run -p 8080:8080 -v mcpscope-data:/root/.mcpscope mcpscope
Development
pip install -e ".[dev]"
pytest
Security Events (MCPGuard Integration)
MCP-Scope can receive real-time security events from MCPGuard:
# Configure MCPGuard's config.yaml:
mcpscop_url: http://localhost:8000
# Events appear in the "Live Events" dashboard tab
| Endpoint | Method | Description |
|---|---|---|
/api/events |
POST | Ingest a security event |
/api/events |
GET | List events (filters: severity, event_type) |
/api/events/stats |
GET | Event statistics |
/api/events |
DELETE | Clear all events |
Related Projects
MCPscop is part of the Carlos-Projects security ecosystem for AI agents:
- MCPGuard — Runtime security proxy for MCP/A2A protocols with HTMX dashboard
- MCPwn — Offensive security testing framework for MCP servers
- Palisade Scanner — Scan web content for prompt injection and adversarial content
- AgentGate — Policy-based firewall and honeypot middleware for AI agents accessing websites
License
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcpscope-0.1.1.tar.gz.
File metadata
- Download URL: mcpscope-0.1.1.tar.gz
- Upload date:
- Size: 32.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9cd731b68678859d4ce9ba66a0fee0f3f52b98249982e6d1759b68182f4d135e
|
|
| MD5 |
4cbdd4fcbb61c95e52773bfaee0a0658
|
|
| BLAKE2b-256 |
c1eb31ee5de5e4ae7fdf5f11e2152360035c494acd0d3e91b2d45d8e7c474877
|
File details
Details for the file mcpscope-0.1.1-py3-none-any.whl.
File metadata
- Download URL: mcpscope-0.1.1-py3-none-any.whl
- Upload date:
- Size: 32.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cb38dd1015f23adce23301e4e08a686e3e611fb9b746cb573bfa77a33ed6a7cf
|
|
| MD5 |
772e1cc5fd23151b7c0032514d139b13
|
|
| BLAKE2b-256 |
31b0157298730bfbd0bea660fbf6fb704c6ae32e4a0c392251a03661c1cedabc
|