HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ethanmizrahi

no profile record

Submissions

Show HN: MCPShield – Supply chain security scanner for MCP servers

github.com
1 points·by ethanmizrahi·vor 5 Monaten·3 comments

comments

ethanmizrahi
·vor 5 Monaten·discuss
We built MCPShield because we kept seeing the same problems in MCP configs:

Typosquat packages that steal credentials (we found mcp-servr-github harvesting env vars) Known CVEs in Anthropic's own Git MCP server (CVE-2025-68145, RCE via prompt injection) Hardcoded database passwords visible to LLMs in tool metadata Agents with access to ~/.ssh and ~/.aws

The MCP ecosystem is following the same trajectory as npm/PyPI — rapid adoption with minimal vetting. 88% of orgs deploying AI agents have had security incidents. MCPShield scans your claude_desktop_config.json (or Cursor/VS Code config) and catches these before deployment. Zero dependencies, works offline, CI/CD-ready. We built this in the open because MCP security is a collective action problem. PRs and CVE reports welcome.