# mcp-scan

> Security scanner for MCP server configurations. Detects secrets, CVEs, permission issues, and exfiltration vectors across 10 AI tool clients.

- **URL**: https://www.freshcrate.ai/projects/mcp-scan
- **Author**: rodolfboctor
- **Category**: MCP Servers
- **Latest version**: `v2.0.0` (2026-03-28)
- **License**: MIT
- **Source**: https://github.com/rodolfboctor/mcp-scan
- **Homepage**: https://www.npmjs.com/package/mcp-scan
- **Language**: TypeScript
- **GitHub**: 23 stars, 3 forks
- **Registry**: github
- **Tags**: `ai-security`, `ai-tools`, `claude`, `cli`, `cursor`, `devsecops`, `devtools`, `github-action`, `typescript`

## Recent releases

| Version | Date | Urgency | Changes |
| --- | --- | --- | --- |
| `v2.0.0` | 2026-03-28 | Medium | # mcp-scan v2.0: Data Controls for MCP Servers  MCP servers run with full access to your filesystem, your API keys, and your network. Until now, there was no way to know where your data goes after an MCP server processes it. mcp-scan v2.0 changes that.  ## What's new  **Data Flow Analyzer** - Static analysis that traces data from sensitive sources (filesystem reads, environment variables, clipboard) to external sinks (HTTP endpoints, process execution). If an MCP server can read your files and a |
| `v1.7.3` | 2026-03-24 | Medium | ## What's changed  ### Security fixes - **Secret scanner**: Removed 7 false-positive-prone patterns that matched generic strings (AWS Secret Key, Bitbucket App Password, duplicate Firebase, and several prefix-less patterns). All replaced with proper prefix-anchored regexes. - **CI command**: Fixed double JSON output — `mcp-scan --ci` was printing two JSON objects to stdout, breaking CI consumers. - **Fix command**: Fixed process hang — `readline` interface now scoped inside `runFix()`, preventin |
| `v1.7.0` | 2026-03-24 | Medium | ## What's new in v1.7.0  ### New commands - `mcp-scan dashboard` — interactive TUI dashboard built with blessed-contrib - `mcp-scan proxy` — local proxy that intercepts MCP server traffic with PII masking - `mcp-scan doctor` — system diagnostic check - `mcp-scan history` — scan history trends and statistics - `mcp-scan report` — aggregate scan report across multiple config directories - `mcp-scan diff` — compare two scan reports and show changes  ### New scanners and detections - Tool |
| `v1.0.2` | 2026-03-23 | Medium | ## What's new  - **Gemini CLI support** — auto-detects `~/.gemini/settings.json` on macOS, Windows, and Linux - **`--config` flag** — scan any MCP config file directly: `mcp-scan scan --config /path/to/config.json` - **Project-level Gemini detection** — scans `.gemini/settings.json` in the current directory  ## Supported tools - Claude Desktop - Cursor - VS Code - Claude Code - Windsurf - **Gemini CLI (new)** - Project-local configs  ## Install / upgrade `npx mcp-scan@latest` |
| `v1.0.0` | 2026-03-23 | Medium | ## mcp-scan v1.0.0  Security scanner for MCP (Model Context Protocol) server configurations.  ### What it does  - **Secret detection** — finds leaked API keys, tokens, and credentials in your MCP config files - **Typosquatting detection** — flags suspicious package names that impersonate popular MCP servers - **Misconfiguration checks** — catches common config mistakes before they cause problems - **Multi-tool support** — scans Claude Desktop, Cursor, VS Code, and Claude Code configs  ### Instal |

## Citation

- HTML: https://www.freshcrate.ai/projects/mcp-scan
- Markdown: https://www.freshcrate.ai/projects/mcp-scan.md
- Dependencies JSON: https://www.freshcrate.ai/api/projects/mcp-scan/deps

_Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._
