SecureMCP
What is SecureMCP
SecureMCP is a security auditing tool focused on identifying vulnerabilities and misconfigurations in applications utilizing the Model Context Protocol (MCP). It aims to proactively highlight threats such as OAuth token leakage, prompt injection vulnerabilities, rogue MCP servers, and tool poisoning attacks.
Use cases
SecureMCP is beneficial for AI developers integrating MCP in their applications, security teams looking to secure AI model interactions, DevSecOps engineers implementing MCP in CI/CD pipelines, researchers studying vulnerabilities in AI models, and security auditors performing assessments on MCP implementations.
How to use
Users can install SecureMCP either by cloning the source code from GitHub and building it or by pulling the Docker image. Basic command-line usage includes executing scans on target MCP servers with various options to scan for OAuth vulnerabilities, prompt injection risks, and authentication issues. Users can also generate reports in HTML or JSON formats.
Key features
SecureMCP features an OAuth token scanner for validating token formats and security checks, a prompt injection tester that allows for various payload types and position testing, and an integrity check on authentication and server security. It also provides comprehensive report generation that classifies vulnerabilities and suggests remediation steps.
Where to use
It is ideal for environments where MCP is employed, including applications that leverage AI models, security assessments for applications using MCP, and integration into development pipelines where secure interactions with AI models are critical.
SecureMCP
SecureMCP is a comprehensive security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the Model Context Protocol (MCP). It proactively identifies threats like OAuth token leakage, prompt injection vulnerabilities, rogue MCP servers, and tool poisoning attacks.
Features
OAuth Token Scanner
- Token format validation and security checks
- Expiration and scope analysis
- Storage security assessment
- Token endpoint validation
- JWT token analysis
Prompt Injection Tester
- Multiple injection payload types
- Various injection positions testing
- Response analysis
- System prompt override detection
- Role confusion attack detection
Authentication & Server Integrity Check
- SSL/TLS configuration validation
- Authentication method testing
- Security header verification
- Server security assessment
- HSTS and CSP validation
Report Generation
- HTML and JSON report formats
- Vulnerability classification
- Severity assessment
- Remediation suggestions
- Summary statistics
Who Should Use SecureMCP?
- AI Developers integrating MCP in applications
- Security teams securing AI model interactions
- DevSecOps engineers embedding MCP in CI/CD pipelines
- Researchers studying AI model vulnerabilities
- Security auditors assessing MCP implementations
Getting Started
Prerequisites
- Go 1.21+
- Docker (optional, for containerized deployment)
- Node.js (for dashboard UI)
Installation
From Source
git clone https://github.com/makalin/SecureMCP.git
cd SecureMCP
make build
Using Docker
docker pull makalin/SecureMCP
Basic Usage
Command Line
# Basic scan
./securemcp scan --target https://your-mcp-server.com
# Scan with specific options
./securemcp scan --target https://your-mcp-server.com \
    --scan-oauth \
    --scan-prompt-injection \
    --scan-authentication \
    --timeout 30s
# Generate HTML report
./securemcp scan --target https://your-mcp-server.com --report html
# Generate JSON report
./securemcp scan --target https://your-mcp-server.com --report json
Programmatic Usage
import (
    "log"
    "time"

    // Go only allows importing an internal/... package from code inside the same module,
    // so this snippet must live within the SecureMCP module itself
    "github.com/makalin/SecureMCP/internal/scanner"
)

target := "https://your-mcp-server.com"

// Create scanner instance (named s so the variable does not shadow the scanner package)
s := scanner.NewScanner()

// Basic scan
results, err := s.Scan(target)
if err != nil {
    log.Fatal(err)
}

// Scan with options
options := &scanner.ScanOptions{
    ScanOAuth:           true,
    ScanPromptInjection: true,
    ScanAuthentication:  true,
    TestPrompt:          "your test prompt",
    Timeout:             30 * time.Second,
}
// results and err already exist, so assign with = rather than redeclare with :=
results, err = s.ScanWithOptions(target, options)
Report Generation
import "github.com/makalin/SecureMCP/internal/report"

// Create report generator (writes into the "reports" directory)
generator := report.NewReportGenerator("reports")

// Generate report from the target and results of the scan above
// (the variable is named rpt so it does not shadow the report package)
rpt, err := generator.GenerateReport(target, results)
if err != nil {
    log.Fatal(err)
}

// Save as HTML
err = generator.SaveReport(rpt, "html")

// Save as JSON
err = generator.SaveReport(rpt, "json")
Example Output
Command Line
$ ./securemcp scan --target https://example-mcp-server.com
[+] Scanning Target: https://example-mcp-server.com
[!] Token storage vulnerability detected
[!] Prompt Injection vulnerability found in tool 'AutoSummary'
[!] Insecure authentication method detected
[+] Report saved to /reports/scan_2024_03_14_15_30_45.html
HTML Report
The HTML report includes:
- Summary statistics
- Vulnerability details
- Severity levels
- Remediation suggestions
- Scan metadata
JSON Report
{
  "target": "https://example-mcp-server.com",
  "scan_time": "2024-03-14T15:30:45Z",
  "vulnerabilities": [
    {
      "type": "OAuth Token Vulnerability",
      "severity": "high",
      "description": "Token storage vulnerability detected",
      "location": "https://example-mcp-server.com",
      "remediation": "Implement secure token storage and proper token validation"
    }
  ],
  "summary": {
    "total_vulnerabilities": 3,
    "critical_count": 0,
    "high_count": 1,
    "medium_count": 1,
    "low_count": 1
  }
}
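For the CI/CD use case, a pipeline stage has to turn a report like the one above into a pass/fail decision. The following Go program is an added example, not part of the SecureMCP project: it reads the JSON layout shown above (field names taken from that sample) and returns the findings at or above a severity threshold; the severity ordering and the `Gate` function are assumptions, and an unrecognised severity or a summary total that does not match the listed findings is treated as a failure rather than waved through.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Finding mirrors one entry of the report's "vulnerabilities" array.
type Finding struct {
	Type     string `json:"type"`
	Severity string `json:"severity"`
}

// Report keeps only the fields of the README's JSON layout that the gate needs.
type Report struct {
	Vulnerabilities []Finding `json:"vulnerabilities"`
	Summary         struct {
		Total int `json:"total_vulnerabilities"`
	} `json:"summary"`
}

// rank orders severities for threshold comparison (assumed ordering, not the tool's).
var rank = map[string]int{"low": 1, "medium": 2, "high": 3, "critical": 4}

// Gate returns findings at or above threshold, plus true when the summary total disagrees with the listed findings.
func Gate(raw []byte, threshold string) ([]Finding, bool, error) {
	var r Report
	if err := json.Unmarshal(raw, &r); err != nil {
		return nil, false, err
	}
	floor, ok := rank[threshold]
	if !ok {
		return nil, false, fmt.Errorf("unknown threshold %q", threshold)
	}
	var hits []Finding
	for _, f := range r.Vulnerabilities {
		if sev, known := rank[f.Severity]; !known || sev >= floor {
			hits = append(hits, f) // an unrecognised severity fails closed
		}
	}
	return hits, r.Summary.Total != len(r.Vulnerabilities), nil
}

// sample is a constructed report in the README's layout, not real scan output.
const sample = `{"target":"https://example-mcp-server.com","vulnerabilities":[{"type":"OAuth Token Vulnerability",
"severity":"high"}],"summary":{"total_vulnerabilities":3,"critical_count":0,"high_count":1,"medium_count":1,"low_count":1}}`

func main() {
	fmt.Println(Gate([]byte(sample), "high")) // [{OAuth Token Vulnerability high}] true <nil>
}
```

A stage that calls `Gate` and exits non-zero when it returns any findings, `true` for the mismatch flag, or an error blocks the deploy on exactly the conditions a reviewer would want to see first.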
Development
Project Structure
SecureMCP/
├── cmd/
│   └── securemcp/        # Command-line interface
├── internal/
│   ├── scanner/          # Core scanning functionality
│   │   ├── oauth.go      # OAuth token scanning
│   │   ├── prompt.go     # Prompt injection testing
│   │   ├── auth.go       # Authentication checks
│   │   └── scanner.go    # Main scanner implementation
│   └── report/           # Report generation
├── config/               # Configuration management
├── Dockerfile            # Container configuration
└── Makefile              # Build and development tasks
Building
# Build binary
make build
# Run tests
make test
# Build Docker image
make docker-build
# Run in Docker
make docker-run
Contributing
Pull requests are welcome! For major changes, please open an issue first to discuss what you would like to change.
- Fork the repository
- Create your feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
License
Links
Protect your MCP applications before they get exploited. Use SecureMCP!