# mcp-scanner > Scan MCP servers for potential threats & security findings. - **URL**: https://www.freshcrate.ai/projects/mcp-scanner - **Author**: cisco-ai-defense - **Category**: MCP Servers - **Latest version**: `4.7.3` (2026-06-05) - **License**: Apache-2.0 - **Source**: https://github.com/cisco-ai-defense/mcp-scanner - **Homepage**: https://blogs.cisco.com/ai/securing-the-ai-agent-supply-chain-with-ciscos-open-source-mcp-scanner - **Language**: Python - **GitHub**: 898 stars, 108 forks - **Registry**: github - **Tags**: `agents`, `ai`, `mcp`, `python`, `security` ## Description Scan MCP servers for potential threats & security findings. ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `4.7.3` | 2026-06-05 | High | ## What's Changed * fix(behavioral): bring AlignmentLLMClient to parity with LLMAnalyzer'… by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/181 * fix(behavioral): only analyze MCP capabilities, not every helper func… by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/177 * chore: bump version to 4.7.3 by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/187 **Full Changelog**: https://github.com/cisco-ai-defense/mcp-scanner/c | | `4.7.2` | 2026-05-29 | High | ## What's Changed * Update MCP scanner LiteLLM dependency by @shrey-bagga in https://github.com/cisco-ai-defense/mcp-scanner/pull/179 ## New Contributors * @shrey-bagga made their first contribution in https://github.com/cisco-ai-defense/mcp-scanner/pull/179 **Full Changelog**: https://github.com/cisco-ai-defense/mcp-scanner/compare/4.7.1...4.7.2 | | `4.7.1` | 2026-05-22 | High | ## What's Changed * fix(behavioral): return SAFE findings for clean tools from analyze() by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/175 * chore: bump version to 4.7.1 by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/176 **Full Changelog**: https://github.com/cisco-ai-defense/mcp-scanner/compare/4.7.0...4.7.1 | | `4.7.0` | 2026-05-19 | High | ## What's Changed * feat: Add vulnerable packages analyzer for Python dependency scanning by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/136 * docs: add complete JSON output schema reference to output-formats.md by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/154 * feat(analyzer): add MCPS protocol security analyzer (DAST) by @razashariff in https://github.com/cisco-ai-defense/mcp-scanner/pull/160 * Scan resource contents in static mode by @Bi | | `4.6.0` | 2026-04-14 | High | ## What's Changed * feat: add configurable stdio timeout via --stdio-timeout flag and MCP_SCANNER_STDIO_TIMEOUT env var by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/153 * Fix/logging and stderr control by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/155 * feat: Add multi-language support for behavioral code scanning by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/117 * Bump version to 4.6.0 by @harishsg999 in https:// | | `4.5.0` | 2026-04-06 | High | ## What's Changed * deps: pin litellm to 1.83.0 (post-PyPI incident) by @ihabler in https://github.com/cisco-ai-defense/mcp-scanner/pull/145 * feat: Prompt Defense Analyzer — 12-vector system prompt hardening checks by @ppcvote in https://github.com/cisco-ai-defense/mcp-scanner/pull/146 * fix: tighten LLM threat analysis prompt to make it consistent by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/135 * updated version 4.5.0 by @harishsg999 in https://github.com/cisco | | `4.4.0` | 2026-03-26 | Medium | ## What's Changed * feat: integrate VirusTotal binary file malware scanning into static a… by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/119 * chore: bump version to 4.4.0 by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/142 **Full Changelog**: https://github.com/cisco-ai-defense/mcp-scanner/compare/4.3.1...4.4.0 | | `4.3.1` | 2026-03-24 | Medium | ### What's Changed - Pinning litellm version to 1.80.16 | | `4.3.0` | 2026-03-10 | Low | ## What's Changed * Add PyInstaller build support for macOS binary by @keitheobrien in https://github.com/cisco-ai-defense/mcp-scanner/pull/127 * Normalize severity: use threats.py as single source of truth for all Analyzer by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/129 * add remote MCP evaluation suite dataset by @harishsg999 in https://github.com/cisco-ai-defense/mcp-scanner/pull/116 * added CI/CD workflow by @harishsg999 in https://github.com/cisco-ai-defense | | `v4.2.0-macos` | 2026-02-15 | Low | Pre-built macOS arm64 binary distribution of mcp-scanner v4.2.0. | ## Citation - HTML: https://www.freshcrate.ai/projects/mcp-scanner - Markdown: https://www.freshcrate.ai/projects/mcp-scanner.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/mcp-scanner/deps _Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._