ToolTrust Scanner

ToolTrust Scanner is an open-source MCP (Model Context Protocol) server that provides advanced static security scanning for MCP tool definitions. It analyzes AI agent tools for threats such as prompt injection, data exfiltration, privilege escalation, supply-chain vulnerabilities, and more. Security engineers, AI/ML engineers, platform operators, and organizations that deploy AI agents can use ToolTrust Scanner to audit MCP servers and tool definitions before trusting or integrating with them. It exposes tools for agents to scan MCP configs, individual servers, or raw tool JSON, assigns trust grades (A–F), and integrates with CI setups for automated enforcement.