Techly NewsGet the app

Get the latest tech news

Show HN: MCP Security Suite


Don't Simply Trust MCP Server Code, Validate and Scan - NineSunsInc/mighty-security

⚠️ Important Note for Scanning This Project: This repository contains intentionally malicious test files in mcp_test_cases/ and tests/ directories to validate our detection capabilities. Smart filtering: Automatically detects security tools, test files, and examples Reduced false positives: 70-90% reduction in false positives for security tooling code DRY pattern management: Unified pattern configuration in patterns_config.py Cache control: New--no-cache flag for fresh scans Debug mode: New--debug flag for troubleshooting LLM responses Scan profiles: Choose between production, development, or security-tool profiles Command Injection: exec(), eval(), compile() usage Credential Theft: Environment variable access, file reads + network sends Prompt Injection: Malicious prompts in metadata files Data Exfiltration: Suspicious network operations Code Obfuscation: High-entropy variables and encoded payloads Secrets in Code: API keys, tokens, private keys in configs

Get the Android app

Or read this on Hacker News

Read more on:

Photo of MCP Security Suite

MCP Security Suite

« US government is reportedly in discussions to take stake in Intel
Airbrush art of the 80s was Chrome-tastic (2015) »