MCPScan.ai is a security scanner for Model Context Protocol (MCP) servers that operates in two modes: scan and proxy. In scan mode, it analyzes configurations and tool descriptions to detect known vulnerabilities such as prompt injections, tool poisoning and toxic flows. In proxy mode, MCPScan.ai acts as a bridge between agent system and MCP server, continuously monitoring runtime traffic. This mode also enforces custom security rules and guardrails, including tool call validation, PII detection and data flow constraints. The tool provides a proactive security layer for agents, ensuring that even if a malicious prompt is accepted, the agent cannot execute harmful actions. MCPScan.ai is a purpose-built security solution for the emerging field of agentic systems.
