MCPAmpel MCP Security Scanner

Name: MCPAmpel MCP Security Scanner
Author: MCPAmpel

MCPAmpel/mcpampel

Audit every MCP server in your Claude Code or Cursor config before you grant it filesystem or API access.

Overview

MCPAmpel is a MCP server for the Ship phase that scans your installed MCP servers for security vulnerabilities using 16 detection engines.

What is this MCP server?

Runs 16 dedicated detection engines against installed MCP server packages
Stdio MCP transport via PyPI package mcpampel (version 0.2.2)
Requires MCPAMPEL_API_KEY from mcpampel.com for authenticated scans
Targets vulnerability patterns specific to Model Context Protocol servers
Fits a pre-ship checklist alongside code review and secrets hygiene
16 detection engines
Server version 0.2.2
PyPI package identifier mcpampel

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 2 GitHub stars.

What problem does it solve?

Every new MCP server is another attack surface, and most indie builders never systematically scan what their agent can invoke.

Who is it for?

Builders maintaining a growing MCP config who want a repeatable audit pass before production or client work.

Skip if: Teams that only use built-in IDE features with zero MCP servers, or anyone expecting full-stack app pentesting in one tool.

What do I get? / Deliverables

You get structured vulnerability findings across your MCP stack so you can remove or harden risky servers before shipping.

Vulnerability findings from 16 detection engines across configured MCP servers
Actionable signal to disable, update, or replace risky MCP entries
Repeatable pre-release MCP security check in your agent workflow

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Security vetting belongs in Ship once you are wiring third-party MCP servers into daily agent workflows. The security subphase is where builders reduce supply-chain and misconfiguration risk on MCP tooling.

How it compares

MCP-focused security scanner, not a general repository SAST skill or hosting firewall.

Common Questions / FAQ

Who is MCPAmpel for?

It is for solo and indie developers who run multiple MCP servers in Claude Code, Cursor, or similar agents and need a dedicated MCP security check.

When should I use MCPAmpel?

Use it when you add a new MCP server from PyPI or GitHub, after cloning a teammate’s config, or before you ship a product that relies on agent tool access.

How do I add MCPAmpel to my agent?

Install the mcpampel PyPI package, set MCPAMPEL_API_KEY in your environment, register the stdio MCP entry from the official server schema, and restart your agent host.

MCPAmpel MCP Security Scanner

MCPAmpel/mcpampel

Audit every MCP server in your Claude Code or Cursor config before you grant it filesystem or API access.

Overview

MCPAmpel is a MCP server for the Ship phase that scans your installed MCP servers for security vulnerabilities using 16 detection engines.

What is this MCP server?

Runs 16 dedicated detection engines against installed MCP server packages
Stdio MCP transport via PyPI package mcpampel (version 0.2.2)
Requires MCPAMPEL_API_KEY from mcpampel.com for authenticated scans
Targets vulnerability patterns specific to Model Context Protocol servers
Fits a pre-ship checklist alongside code review and secrets hygiene
16 detection engines
Server version 0.2.2
PyPI package identifier mcpampel

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 2 GitHub stars.

What problem does it solve?

Every new MCP server is another attack surface, and most indie builders never systematically scan what their agent can invoke.

Who is it for?

Builders maintaining a growing MCP config who want a repeatable audit pass before production or client work.

Skip if: Teams that only use built-in IDE features with zero MCP servers, or anyone expecting full-stack app pentesting in one tool.

What do I get? / Deliverables

You get structured vulnerability findings across your MCP stack so you can remove or harden risky servers before shipping.

Vulnerability findings from 16 detection engines across configured MCP servers
Actionable signal to disable, update, or replace risky MCP entries
Repeatable pre-release MCP security check in your agent workflow

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP-focused security scanner, not a general repository SAST skill or hosting firewall.

Common Questions / FAQ

Who is MCPAmpel for?

It is for solo and indie developers who run multiple MCP servers in Claude Code, Cursor, or similar agents and need a dedicated MCP security check.

When should I use MCPAmpel?

Use it when you add a new MCP server from PyPI or GitHub, after cloning a teammate’s config, or before you ship a product that relies on agent tool access.

How do I add MCPAmpel to my agent?

Install the mcpampel PyPI package, set MCPAMPEL_API_KEY in your environment, register the stdio MCP entry from the official server schema, and restart your agent host.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is MCPAmpel for?

When should I use MCPAmpel?

How do I add MCPAmpel to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is MCPAmpel for?

When should I use MCPAmpel?

How do I add MCPAmpel to my agent?