Prism Scanner

Name: Prism Scanner
Author: aidongise-cell

aidongise-cell/prism-scanner

Scan skills, plugins, and MCP servers you are about to install and get an A–F security grade before trusting them in your agent stack.

Overview

Prism Scanner is a MCP server for the ship phase that security-scans AI agent skills, plugins, and MCP servers and returns A–F grades.

What is this MCP server?

Security scanner focused on AI agent skills, plugins, and MCP servers
A–F grading for quick triage of untrusted packages
PyPI package prism-scanner with stdio MCP transport
Complements manual README review before adding marketplace entries
Version 0.1.1 on Model Context Protocol registry schema 2025-12-11
Server version 0.1.1
PyPI identifier prism-scanner
Targets three artifact types: skills, plugins, MCP servers

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 11 GitHub stars.

What problem does it solve?

You are one npm or PyPI install away from giving an unreviewed skill or MCP server access to your codebase and environment variables.

Who is it for?

Solo builders curating skills.sh or MCP registry entries who want a fast security screen before adding servers to Claude Code or Cursor.

Skip if: Enterprises needing formal pentests, compliance attestations, or continuous runtime threat detection on production workloads.

What do I get? / Deliverables

You get letter-grade security assessment on candidate skills and MCP servers so you can reject or quarantine risky extensions before enabling them.

A–F security grade for evaluated skills or MCP servers
Structured scan output usable in install/no-install decisions
Repeatable pre-install checks for agent extension stacks

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Risk from third-party agent extensions appears whenever you add tooling—validate prototypes, build integrations, and ship to users—so the canonical shelf is ship/security where hard gates belong. Pre-ship and pre-install security review is the natural home for graded scans of MCP servers and agent skills before they run with your repo and secrets.

How it compares

Dedicated security grader for agent extensions, not a general code linter or Skillselion catalog browse facet.

Common Questions / FAQ

Who is Prism Scanner for?

Builders and maintainers who install third-party MCP servers and agent skills and want an A–F security grade before trusting them.

When should I use Prism Scanner?

Run it before adding a new skill or MCP server from GitHub or a registry, and again when you upgrade versions of agent tooling.

How do I add Prism Scanner to my agent?

Install the PyPI package prism-scanner, configure stdio MCP in your client, and invoke scan tools against the skill or MCP package you are evaluating.

Prism Scanner

aidongise-cell/prism-scanner

Scan skills, plugins, and MCP servers you are about to install and get an A–F security grade before trusting them in your agent stack.

Overview

Prism Scanner is a MCP server for the ship phase that security-scans AI agent skills, plugins, and MCP servers and returns A–F grades.

What is this MCP server?

Security scanner focused on AI agent skills, plugins, and MCP servers
A–F grading for quick triage of untrusted packages
PyPI package prism-scanner with stdio MCP transport
Complements manual README review before adding marketplace entries
Version 0.1.1 on Model Context Protocol registry schema 2025-12-11
Server version 0.1.1
PyPI identifier prism-scanner
Targets three artifact types: skills, plugins, MCP servers

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 11 GitHub stars.

What problem does it solve?

You are one npm or PyPI install away from giving an unreviewed skill or MCP server access to your codebase and environment variables.

Who is it for?

Solo builders curating skills.sh or MCP registry entries who want a fast security screen before adding servers to Claude Code or Cursor.

Skip if: Enterprises needing formal pentests, compliance attestations, or continuous runtime threat detection on production workloads.

What do I get? / Deliverables

You get letter-grade security assessment on candidate skills and MCP servers so you can reject or quarantine risky extensions before enabling them.

A–F security grade for evaluated skills or MCP servers
Structured scan output usable in install/no-install decisions
Repeatable pre-install checks for agent extension stacks

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Dedicated security grader for agent extensions, not a general code linter or Skillselion catalog browse facet.

Common Questions / FAQ

Who is Prism Scanner for?

Builders and maintainers who install third-party MCP servers and agent skills and want an A–F security grade before trusting them.

When should I use Prism Scanner?

Run it before adding a new skill or MCP server from GitHub or a registry, and again when you upgrade versions of agent tooling.

How do I add Prism Scanner to my agent?

Install the PyPI package prism-scanner, configure stdio MCP in your client, and invoke scan tools against the skill or MCP package you are evaluating.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Prism Scanner for?

When should I use Prism Scanner?

How do I add Prism Scanner to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Prism Scanner for?

When should I use Prism Scanner?

How do I add Prism Scanner to my agent?