Mcpwatch is an open-source security auditing tool specifically designed for the Model Context Protocol (MCP) server ecosystem. It automates 10 security checks based on the OWASP MCP Top 10, assessing MCP servers for vulnerabilities such as command injection, SSRF, and prompt injection. The tool generates an A–F letter grade, offers per-check findings, and integrates into CI/CD pipelines, supporting developers, AI engineers, and organizations deploying MCP servers. It also provides a public leaderboard for transparency and easy status tracking.
Visit Mcpwatch's official website for product details and getting started.
Comprehensive guide on how to install, configure, and use Mcpwatch effectively.
Track issues, feature requests, and contributions related to Mcpwatch.