Skip to content

Best MCP Servers for Security

Top MCP servers for security scanning, secrets management, and audit tools. Keep your AI agent workflows secure.

20 servers · Updated 2026 · From 2805 reviewed

Top Picks

#1 Excalidraw Verified
3 stars

Security-hardened Excalidraw MCP server with auth, rate limiting, and 14 tools

Compatibility

Claude CodeFull support
Tested
CursorFull support
Tested
VS CodeFull support via Copilot
Tested
WindsurfFull support
Tested
Claude DesktopFull support
Tested

Install

Claude Code

claude mcp add excalidraw-mcp-server -- npx -y excalidraw
#2 Aegis Verified
2 stars

Credential isolation for AI agents. Inject secrets at the network boundary.

Compatibility

Claude CodeFull support
Tested
CursorFull support
Tested
VS CodeFull support via Copilot
Tested
WindsurfFull support
Tested
Claude DesktopFull support
Tested

Install

Claude Code

claude mcp add aegis -- npx -y aegis
#3 Mund — MCP Security Scanner Verified
0

Scan for prompt injection, secrets, PII, and vet MCP servers before installation

Compatibility

Claude CodeFull support
Tested
CursorFull support
Tested
VS CodeFull support via Copilot
Tested
WindsurfFull support
Tested
Claude DesktopFull support
Tested

Install

Claude Code

claude mcp add weave-protocol -- npx -y mund

All Security Servers

Beelzebub

Verified
by mariocandela

Beelzebub is a honeypot framework that lets you build honeypot tools using MCP. Its purpose is to detect prompt injection or malicious agent behavior. The underlying idea is to provide the agent with tools it would never use in its normal work.

security Go stdio
1.9k
View

Safedep MCP Server

Verified
by safedep Official

vet-mcp checks open source packages—like those suggested by AI coding tools—for vulnerabilities and malicious code. It supports npm and PyPI, and runs locally via Docker or as a standalone binary for fast, automated vetting.

security Go stdio
976
View

Skylos

Verified
by duriantaco

Dead code detection, security scanning, and code quality analysis for Python, TypeScript, and Go. 98% recall with fewer false positives than Vulture. Includes AI-powered remediation.

security Python stdio
336
View

MCP Ts Template

Verified
by cyanheads

TypeScript template for building MCP servers with declarative tooling, observability, and auth.

security TypeScript stdio
119
View

MCP Shodan

Verified
by BurtTheCoder

MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.

security TypeScript stdio
115
View

MCP Virustotal

Verified
by BurtTheCoder

MCP server for querying the VirusTotal API. This server provides tools for scanning URLs, analyzing file hashes, and retrieving IP address reports.

security TypeScript stdio
113
View

Snyk MCP Server

Verified
by snyk

Easily find and fix security issues in your applications leveraging Snyk platform capabilities.

security Go stdio
75
View

MCP Dandan

Verified
by 82ch

Real-time security framework for MCP servers that detects and blocks malicious AI agent behavior by analyzing tool call patterns and intent across multiple threat detection engines.

security Python stdio
59
View

MCP Panther

Verified
by panther-labs Official

MCP server that enables security professionals to interact with Panther's SIEM platform using natural language for writing detections, querying logs, and managing alerts.

security Python stdio
42
View

Studio MCP

Verified
by snyk Official

Embeds Snyk's security engines into agentic workflows. Secures AI-generated code in real-time and accelerates the fixing vulnerability backlogs.

security Go stdio
26
View

AIM Guard MCP

Verified
by AIM-Intelligence

Security-focused MCP server that provides safety guidelines and content analysis for AI agents.

security TypeScript stdio
20
View

Repository Intelligence

Verified
by nirholas

Analyze repos of any size - security scanning code analysis monorepo support

security Python stdio
19
View

Redmine MCP Server

Verified
by jztan

Production-ready MCP server for Redmine with security, pagination, and enterprise features

security Python stdio
16
View

MCP Server Thehive

Verified
by gbrigandi

A Rust-based MCP server to integrate TheHive, facilitating collaborative security incident response and case management via AI.

security Rust stdio
11
View

Agent Bom

Verified
by msaad00

AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials and tools, runs CIS benchmarks, generates CycloneDX/SPDX SBOMs, and enforces compliance across OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act.

security Python stdio
10
View

Prodlint

Verified
by prodlint

Production readiness for vibe-coded apps. 52 checks for security, reliability, and performance.

security TypeScript stdio
10
View

Vulnicheck

Verified
by andrasfe

HTTP MCP Server for comprehensive Python vulnerability scanning and security analysis.

security Python stdio
9
View

FAQ

What are the best MCP servers for Security?

We reviewed 2805 MCP servers and selected 20 top picks for Security. Our top recommendation is Excalidraw.

How do I install these MCP servers?

Each server page includes one-click install commands for Claude Code, Cursor, and VS Code. Click on any server above to see its install instructions.

Are these MCP servers safe to use?

Every server in our directory is safety-rated. Look for the safety badge on each server card — green means verified safe, yellow means use with caution.

Browse Other Topics

Database Browser Automation GitHub & Git Productivity Tools Web Search Cloud & DevOps File Management AI Memory & Context Cursor Claude Code VS Code Beginners Data & Analytics Design Tools

Not sure where to start?

Try a Starter Pack — pre-built server collections for common roles.

Browse Starter Packs