What can you do with this server?

The OWASP Agentic MCP server provides security assessment tools for AI agents, focused on the OWASP Top 10 for Agentic AI. * Full Agent Security Assessment (assess_agent_security): Comprehensive evaluation across 10 OWASP dimensions — input validation, output filtering, tool allowlists, least privilege, context isolation, action logging, inter-agent authentication, resource limits, dependency scanning, and alignment testing. * Prompt Injection Detection (check_prompt_injection): Analyze input text for known prompt injection attack patterns to identify manipulation attempts. * Tool Poisoning Detection (check_tool_poisoning): Inspect a tool's name, description, and source for signs of manipulation, including signature verification and trusted registry origin checks. * Excessive Agency Assessment (check_excessive_agency): Evaluate whether an agent has more permissions than necessary (least privilege violations), examining filesystem, network, code execution, data modification access, and tool usage ratios. * Data Leakage Risk Assessment (check_data_leakage): Assess cross-context data exposure risks, checking for context isolation, session boundaries, PII detection, output sanitization, and third-party data sharing. All tools are read-only, stateless, and idempotent, with rate limits applying on the free tier (10/day) and unlimited usage on Pro.

Which integrations are available for this server?

Security assessment against the OWASP Top 10 for Agentic AI, providing tools to detect prompt injection, tool poisoning, excessive agency, and data leakage.

de en es ja ko ru zh

OWASP Agentic MCP

by CSOAI-ORG

Overview Schema Related Servers Score Discussions

Python

Remote

MCP Scorecard: 86/100

Owasp Agentic MCP

MEOK AI Labs EU AI Act License PyPI

OWASP Top 10 for Agentic AI security MCP server — prompt injection detection, tool poisoning, exc...

OWASP Top 10 for Agentic AI security MCP server — prompt injection detection, tool poisoning, excessive agency, data leakage assessment

OWASP Agentic MCP

OWASP Top 10 for AI Agents Security Assessment — Prompt Injection, Tool Poisoning, Data Leakage

MCP License

🚀 Quick Start

# Install via pip
pip install owasp_agentic_mcp

# Or install via Smithery
npx -y @smithery/cli@latest install owasp-agentic-mcp --client claude

Related MCP server: depguard

✨ Features

MCP protocol compliant
Easy installation
Well-documented API
Production-ready
Active maintenance

📖 Documentation

🛡️ Compliance

This MCP server is built with EU AI Act compliance built-in:

✅ Article 9 — Risk Management System
✅ Article 13 — Transparency & Instructions for Use
✅ Article 15 — Bias Detection & Testing
✅ Article 26 — FRIA Support (where applicable)
✅ Article 50 — AI Content Watermarking (where applicable)

Need help getting compliant? Book a free 15-min diagnostic →

🏢 Enterprise

Need custom development, SLA guarantees, or white-label deployment?

Pro: $99/mo — Full MCP suite + EU AI Act tracking
Enterprise: $499/mo — Custom dev + SLA + Dedicated support

View Pricing → | Contact Sales →

🤝 Part of the MEOK Ecosystem

This server is part of the MEOK AI Labs ecosystem — 300+ MCP servers for sovereign AI governance.

Domain	Purpose
councilof.ai	EU AI Act compliance marketplace
safetyof.ai	AI safety & monitoring
meok.ai	Sovereign AI platform
cobolbridge.ai	Legacy modernization

📜 License

MIT © CSOAI-ORG

Tools

Tool	Description	Parameters
`full_agent_scan`	Full OWASP Agentic Top 10 security scan	`agent_config`, `tools`, `permissions`
`assess_agentic_security`	Assess against specific OWASP Agentic categories	`categories`, `agent_config`
`check_prompt_injection`	Test for prompt injection vulnerabilities	`system_prompt`, `user_input_template`
`check_tool_poisoning`	Check for tool poisoning risks	`tool_definitions`, `input_validation`
`check_excessive_agency`	Assess agency level vs minimum required	`allowed_tools`, `required_tools`, `permissions`

Installation

pip install mcp

Claude Desktop / Cursor / VS Code / Windsurf

{
  "mcpServers": {
    "owasp-agentic": {
      "command": "python",
      "args": ["path/to/server.py"]
    }
  }
}

Usage Examples

Full agent security scan

{
  "agent_config": {
    "system_prompt": "You are a helpful assistant that can access email, calendar, and file system.",
    "allowed_tools": ["send_email", "read_calendar", "write_file"]
  },
  "permissions": ["email:send", "calendar:read", "files:write"]
}

Check prompt injection

{
  "system_prompt": "You are a financial advisor bot",
  "user_input_template": "{user_query} Please provide investment advice."
}

Pricing

Free: 10 scans/day
Pro: $99/mo — unlimited scans + detailed reports
Enterprise: $499/mo — continuous monitoring + custom rules

Built by MEOK AI Labs | meok.ai

💸 Try MEOK in 30 seconds — instant buy ladder

Tier	Price	What you get	Stripe
Smoke test	£1	Signed sample MCP-Hardening report + Article 50 PDF	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t
Quick Kit	£9	EU AI Act Article 50 implementation guide (C2PA + EU-Icon)	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t
Founder Call	£29	30-min 1-on-1 with the founder	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t

Refundable. UK Stripe — VAT-clean. Builds on the 81-MCP MEOK fleet. Verify any signed report at https://meok.ai/verify.

Install Server

license - permissive license

quality

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

1Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CSOAI-ORG/owasp-agentic-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server