Happy slice of mcp pizzaMCP.pizza

MCP Security Checker

Scan any remote MCP server for security vulnerabilities before connecting your AI agent.

https://

Paste the full URL of a remote MCP server (Streamable HTTP or SSE endpoint).

Before You Scan

  • +Phase 1only reads tool definitions — completely safe.
  • !Phase 2calls tools with test inputs — may trigger side effects on the target server.
  • Results are automated and not guaranteed. Use at your own risk.
Phase 0 — Pre-Flight

Checks TLS encryption and DNS rebinding before connecting. No contact with the server.

Phase 1 — Schema Analysis

Reads tool definitions for credential phishing, context harvesting, and dangerous capabilities. Safe, read-only.

Phase 2 — Response Analysis

Opt-in. Calls up to 3 tools with test inputs to scan for SSRF, prompt injection, and exfiltration.