# MCPWatch

Have I Been Pwned for MCP servers. Open-source security scanner that audits MCP servers against the OWASP MCP Top 10 and produces an A–F letter grade.

## Overview

MCPWatch is a security tool for the MCP ecosystem that:

- Runs 10 automated checks derived from the OWASP MCP Top 10 on any MCP server
- Produces an A–F letter grade with per-check findings
- Exposes an MCP server interface so AI agents can audit MCPs on demand
- Provides a CLI for pre-install scanning in CI/CD pipelines
- Powers a public leaderboard at mcpwatch.pages.dev with live SVG grade badges
## Installation

### Use with Claude Code / Cursor / Windsurf (MCP server)

Add to your MCP configuration:

```json
{
  "mcpServers": {
    "mcpwatch": {
      "command": "npx",
      "args": ["-y", "mcpwatch-mcp"]
    }
  }
}
```

### CLI (scan before install)

```sh
npx mcpwatch-scanner /path/to/mcp-server
```

### GitHub Action (CI/CD gate)

```yaml
- uses: lazymac2x/mcpwatch-action@v1
  with:
    path: .
    fail-below: B
```

## MCP Tools
When running as an MCP server, MCPWatch exposes the following tools to your AI agent:
| Tool | Description |
| --- | --- |
| `scan_mcp_server` | Scan a local MCP server by path — returns grade + per-check findings |
| | Fetch the live grade for any public MCP server by owner/repo slug |
| | Return the top/bottom N servers from the public leaderboard |
| | Get a detailed explanation of any OWASP MCP Top 10 check by ID |

### Example: scan before adding an MCP

Ask Claude: "Use mcpwatch to scan the filesystem-mcp server at ~/mcps/filesystem-mcp before I add it to my config."
## The 10 Checks (OWASP MCP Top 10)

| ID | Check | Severity |
| --- | --- | --- |
| MCP-01 | Command injection in tool handlers | Critical |
| MCP-02 | Path traversal in file tools | Critical |
| MCP-03 | Unauthenticated mutations | Critical |
| MCP-04 | Prompt injection via tool descriptions | High |
| MCP-05 | SSRF in URL-fetching tools | High |
| MCP-06 | Hardcoded secret leakage | High |
| MCP-07 | Over-permissive filesystem scope | Medium |
| MCP-08 | Missing rate limits | Medium |
| MCP-09 | Outdated dependencies with known CVEs | Medium |
| MCP-10 | Missing input schema validation | Low |
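To make concrete what a check such as MCP-01 looks for, here is an added illustration (example code, not MCPWatch's own scanner): a heuristic static check that flags `exec`/`execSync` calls whose command string is assembled at runtime, run over two constructed tool handlers, one vulnerable and one using `execFile` with an argument array. The handler snippets and the detection heuristic are assumptions for the example, not the project's implementation.

```javascript
// Added example, not MCPWatch's own scanner code: a heuristic static check in
// the spirit of MCP-01 (command injection in tool handlers). It flags
// child_process exec/execSync calls whose command string is assembled at
// runtime, and passes handlers that use execFile with an argument array.
const SHELL_CALL = /\b(?:child_process\.)?(exec|execSync)\s*\(\s*([^)]*)\)/g;

function checkCommandInjection(source) {
  const findings = [];
  source.split('\n').forEach((line, idx) => {
    for (const m of line.matchAll(SHELL_CALL)) {
      const arg = m[2];
      // Template interpolation or '+' concatenation means tool input can reach
      // the shell string; a fixed literal command is not flagged.
      const dynamic = /\$\{/.test(arg) || /\+/.test(arg);
      if (dynamic) {
        findings.push({
          id: 'MCP-01',
          severity: 'Critical',
          line: idx + 1,
          call: m[1],
          snippet: line.trim(),
        });
      }
    }
  });
  return findings;
}

// Constructed sample tool handlers (not taken from any real MCP server).
const vulnerableHandler = [
  'server.tool("list_dir", async ({ dir }) => {',
  '  const { stdout } = await exec("ls -la " + dir);',
  '  return stdout;',
  '});',
].join('\n');

const hardenedHandler = [
  'server.tool("list_dir", async ({ dir }) => {',
  '  // execFile passes dir as a single argv entry; no shell parses it.',
  '  const { stdout } = await execFile("ls", ["-la", dir]);',
  '  return stdout;',
  '});',
].join('\n');

console.log(checkCommandInjection(vulnerableHandler)); // one MCP-01 finding on line 2
console.log(checkCommandInjection(hardenedHandler));   // []
```

A real check would also resolve imports and trace where `dir` comes from; this regex pass only shows the shape of the finding a grade is built from.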
## Grading

| Grade | Score | Criteria |
| --- | --- | --- |
| A | 90–100 | no Critical/High findings |
| B | 75–89 | no Critical findings |
| C | 60–74 | has Critical findings, minor impact |
| D | 40–59 | multiple Critical findings |
| F | 0–39 | severe/exploitable vulnerabilities |
## Public Leaderboard & Badges

Every public MCP server on Smithery, npm, and the official registry is scanned daily.

Live badge, drop into any README:

[](https://mcpwatch.pages.dev/servers/YOUR_OWNER/YOUR_REPO)

JSON API:

```
GET https://api.lazy-mac.com/mcpwatch/scan/{owner}/{repo}
```

## Architecture
```
mcpwatch/
├── packages/
│   ├── scanner/      # Core check engine (TypeScript, runs in Worker + CLI + Node)
│   └── cli/          # mcpwatch-scanner — npx runnable
├── workers/
│   └── crawler/      # CF Worker — scheduled crawl + scan (daily)
├── apps/
│   └── web/          # CF Pages — mcpwatch.pages.dev — public leaderboard
└── .github/
    └── workflows/    # mcpwatch-action CI gate
```

## Requirements

- Node.js 18+
- The MCP server under test must be locally accessible (for `scan_mcp_server` / CLI)
- No API key required for public leaderboard lookups
## License

MIT — use it, fork it, contribute checks.

## Contributing

Pull requests for new checks, false-positive fixes, or leaderboard improvements are welcome. See CONTRIBUTING.md for guidelines.