ToolTrust Scanner

Name: ToolTrust Scanner
Author: AgentSafe-AI

AgentSafe-AI/tooltrust-scanner

Scan third-party MCP servers for prompt injection, data exfiltration, and privilege escalation before you add them to your agent stack.

Overview

ToolTrust Scanner is an MCP server for the ship phase that scans MCP servers for prompt injection, data exfiltration, and privilege escalation risks.

What is this MCP server?

Targets MCP server attack surfaces: prompt injection, exfiltration, privilege escalation
stdio npm package tooltrust-mcp (v1.0.9) for local agent-driven scans
Purpose-built for ToolTrust / AgentSafe workflow—not generic npm audit alone
Fits pre-ship gate before wiring marketplace MCPs into Claude Code
AgentSafe-AI maintained scanner with GitHub source for updates
Registry version 1.0.9
npm identifier tooltrust-mcp with stdio transport
GitHub repository AgentSafe-AI/tooltrust-scanner

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 16 GitHub stars.

What problem does it solve?

New MCP servers look convenient in READMEs but can hide injection or exfiltration behavior your agent will execute with full tool access.

Who is it for?

Builders curating a personal MCP allowlist who want automated MCP-centric checks before enabling unknown servers.

Skip if: Teams with zero MCP usage or those who already run a full external AppSec program on every dependency weekly.

What do I get? / Deliverables

You get scanner-driven findings on risky MCP patterns so you can block, sandbox, or fix integrations before production agent sessions.

Security findings focused on MCP abuse patterns
Go/no-go signal for adding third-party MCP servers
Documented risk themes (injection, exfiltration, escalation) for remediation

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Trust review belongs in ship when you harden what reaches production agents, right alongside security and launch prep—not during casual idea browsing. Security subphase matches MCP-specific offensive-pattern checks before you enable unknown tools in live sessions.

How it compares

MCP-focused security scanner MCP, not a hosted WAF or generic dependency CVE database.

Common Questions / FAQ

Who is ToolTrust Scanner for?

Solo developers and agent authors who install many MCP servers and need injection and exfiltration checks tailored to tool protocols.

When should I use ToolTrust Scanner?

During ship and security review immediately before adding new MCP servers to Claude Code, Cursor, or production agent configs.

How do I add ToolTrust Scanner to my agent?

Install the npm package tooltrust-mcp (stdio transport v1.0.9) and register it as an MCP server in your client, then invoke scan tools against target server configs or packages.

ToolTrust Scanner

AgentSafe-AI/tooltrust-scanner

Scan third-party MCP servers for prompt injection, data exfiltration, and privilege escalation before you add them to your agent stack.

Overview

ToolTrust Scanner is an MCP server for the ship phase that scans MCP servers for prompt injection, data exfiltration, and privilege escalation risks.

What is this MCP server?

Targets MCP server attack surfaces: prompt injection, exfiltration, privilege escalation
stdio npm package tooltrust-mcp (v1.0.9) for local agent-driven scans
Purpose-built for ToolTrust / AgentSafe workflow—not generic npm audit alone
Fits pre-ship gate before wiring marketplace MCPs into Claude Code
AgentSafe-AI maintained scanner with GitHub source for updates
Registry version 1.0.9
npm identifier tooltrust-mcp with stdio transport
GitHub repository AgentSafe-AI/tooltrust-scanner

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 16 GitHub stars.

What problem does it solve?

New MCP servers look convenient in READMEs but can hide injection or exfiltration behavior your agent will execute with full tool access.

Who is it for?

Builders curating a personal MCP allowlist who want automated MCP-centric checks before enabling unknown servers.

Skip if: Teams with zero MCP usage or those who already run a full external AppSec program on every dependency weekly.

What do I get? / Deliverables

You get scanner-driven findings on risky MCP patterns so you can block, sandbox, or fix integrations before production agent sessions.

Security findings focused on MCP abuse patterns
Go/no-go signal for adding third-party MCP servers
Documented risk themes (injection, exfiltration, escalation) for remediation

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP-focused security scanner MCP, not a hosted WAF or generic dependency CVE database.

Common Questions / FAQ

Who is ToolTrust Scanner for?

Solo developers and agent authors who install many MCP servers and need injection and exfiltration checks tailored to tool protocols.

When should I use ToolTrust Scanner?

During ship and security review immediately before adding new MCP servers to Claude Code, Cursor, or production agent configs.

How do I add ToolTrust Scanner to my agent?

Install the npm package tooltrust-mcp (stdio transport v1.0.9) and register it as an MCP server in your client, then invoke scan tools against target server configs or packages.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is ToolTrust Scanner for?

When should I use ToolTrust Scanner?

How do I add ToolTrust Scanner to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is ToolTrust Scanner for?

When should I use ToolTrust Scanner?

How do I add ToolTrust Scanner to my agent?