mcp-armor

by aira-security·115·Score 47

MCP Armor is a security scanner that discovers, analyzes, and secures MCP servers integrated with various Agentic IDEs and clients.

Tags: security, developer-tools, ai-llm

Forks: 9
Open issues: 1
Last commit: 2 mo ago
Indexed: 2d ago

Overview

MCP Armor provides comprehensive security protection for Model Context Protocol operations. It automatically discovers MCP configurations across popular environments like Cursor, Windsurf, VS Code, and Claude Desktop. The tool catalogs available tools, resources, and prompt templates while conducting specialized security checks including Prompt Injection, Rug Pull Attack, Cross-server Tool Shadowing, and Tool Poisoning. It generates detailed JSON and Markdown reports with actionable findings and maintains audit trails for full traceability of changes.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

- Security auditing of MCP servers integrated into development environments
- Detecting malicious modifications in MCP tools and resources
- Establishing security baselines and monitoring for drifts in MCP configurations
- Is my source code ever shared, or does everything run locally?
- What types of security checks does MCP Armor perform?

When to choose this

Choose MCP Armor when you need to audit and secure MCP server configurations against security vulnerabilities and detect unauthorized changes in AI agent tool integrations.

When NOT to choose this

Don't choose MCP Armor if you need runtime enforcement and blocking capabilities, as it only performs static analysis without active protection mechanisms.

Comparable tools

mcp-security-scanner, ai-security-toolkit, llm-guard

Installation

pip install mcp-armor

For Claude Desktop integration, add to your claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-armor": {
      "command": "mcp-armor",
      "args": []
    }
  }
}

FAQ

Is my source code ever shared, or does everything run locally?
MCP Armor runs entirely locally. Inspect and scan modes analyze your MCP configurations directly on your machine. Prompt injection checks use an open-source model downloaded to your local environment, so your data and code are never shared externally.
What types of security checks does MCP Armor perform?
MCP Armor performs checks including Prompt Injection, Indirect Prompt Injection, Cross-Server Tool Shadowing, Tool Poisoning, Tool Name Ambiguity, Command Injection, Excessive Tool Permissions, Hardcoded Secrets, and detects Rug Pull Attacks through baseline drift detection.


Last updated · Auto-generated from public README + GitHub signals.