
Static security scanner for MCP tool definitions and agent trust.
Visit ToolTrust ScannerToolTrust Scanner is a static security scanner designed for auditing Model Context Protocol (MCP) tool definitions before agents utilize them. It analyzes tool configs for a variety of security risks—such as prompt injection, data exfiltration, privilege escalation, or compromised dependencies—assigning letter grades (A–F) to each tool and providing actionable enforcement policies. Capable of running as an MCP server, CLI, or CI/CD check, it is targeted at agent developers, security-conscious organizations, and anyone deploying AI or agentic workflows, providing instant, deterministic static analysis with no data egress.
Visit ToolTrust Scanner's official website for product details and getting started.
Comprehensive guides on how to use ToolTrust Scanner effectively.
A place to report issues, request features, and engage with the community.