#Mcp-security

Showing 25 of 25 repositories tagged #mcp-security, ranked by stars

microsoft
microsoft
mcp-for-beginners

This open-source curriculum introduces the fundamentals of Model Context Protocol (MCP) through real-world, cross-language examples in .NET, Java, TypeScript, JavaScript, Rust and Python. Designed for developers, it focuses on practical techniques for building modular, scalable, and secure AI workflows from session setup to service orchestration.

Score
0
โ˜… 16.7k โ‘‚ 5.5k +26/day
Jupyter Notebook
nolabs-ai
nolabs-ai
nono

Sandbox any AI agent in seconds - zero setup, zero latency.

Score
100
โ˜… 3.0k โ‘‚ 204 +5/day
Rust
stacklok
stacklok
toolhive

ToolHive is an enterprise-grade platform for running and managing Model Context Protocol (MCP) servers.

Score
100
โ˜… 1.9k โ‘‚ 242 โ€”
Go
ThinkWatchProject
ThinkWatchProject
ThinkWatch

Enterprise AI bastion host for secure AI API and MCP access, with unified proxying, RBAC, audit logs, rate limiting, and cost tracking across OpenAI, Anthropic, Gemini, and self-hosted LLMs.

Score
50
โ˜… 957 โ‘‚ 21 โ€”
Rust
luckyPipewrench
luckyPipewrench
pipelock

Open-source AI agent firewall for MCP security and agent egress. Scans mediated HTTP, MCP, A2A, and WebSocket traffic for exfiltration, SSRF, and prompt injection, and emits mediator-signed action receipts: verifiable audit evidence from outside the agent.

Score
0
โ˜… 751 โ‘‚ 87 +1/day
Go
afshinm
afshinm
zerobox

Lightweight, cross-platform process sandboxing powered by OpenAI Codex's runtime. Sandbox any command with file, network, and credential controls.

Score
0
โ˜… 668 โ‘‚ 39 +1/day
Rust
cyproxio
cyproxio
mcp-for-security

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.

Score
100
โ˜… 619 โ‘‚ 99 โ€”
TypeScript
lasso-security
lasso-security
mcp-gateway

A plugin-based gateway that orchestrates other MCPs and allows developers to build upon it enterprise-grade agents.

Score
100
โ˜… 377 โ‘‚ 31 โ€”
Python
agynio
agynio
platform

Agyn is an open-source Kubernetes-native runtime that moves AI agents like Claude Code and Codex from laptops to company infrastructure with the controls enterprises need.

Score
100
โ˜… 214 โ‘‚ 5 +7/day
TypeScript
KryptosAI
KryptosAI
mcp-observatory

Test, secure, and monitor MCP servers before agents depend on them.

Score
100
โ˜… 142 โ‘‚ 24 +1/day
TypeScript
alexgreensh
alexgreensh
repo-forensics

Offline security scanner for AI-agent repos, skills, plugins, and MCP servers.

Score
0
โ˜… 137 โ‘‚ 18 +11/day
Python
stephnangue
stephnangue
warden

The secure gateway connecting AI agents to enterprise systems.

Score
83
โ˜… 135 โ‘‚ 8 +2/day
Go
jnMetaCode
jnMetaCode
shellward

AI Agent Security Middleware โ€” 8-layer defense, DLP data flow, prompt injection detection, zero dependencies. SDK + MCP server for Claude Code, Cursor, LangChain, Hermes Agent & more.

Score
92
โ˜… 122 โ‘‚ 20 +6/day
TypeScript
soth-ai
soth-ai
mcp-reticle

Reticle intercepts, visualizes, and profiles JSON-RPC traffic between your LLM and MCP servers in real-time, with zero latency overhead. Stop debugging blind. Start seeing everything.

Score
0
โ˜… 113 โ‘‚ 46 +2/day
Rust
DmitrL-dev
DmitrL-dev
AISecurity

AI Security Platform: Defense (61 Rust engines + Micro-Model Swarm) + Offense (39K+ payloads)

Score
75
โ˜… 105 โ‘‚ 17 โ€”
Python
7WaySecurity
7WaySecurity
ai_osint

๐Ÿค– Curated AI OSINT resources โ€” Google dorks, Shodan queries, GitHub dorks, and techniques to discover exposed LLM endpoints, leaked AI API keys, misconfigured vector databases, and unprotected AI agents

Score
67
โ˜… 97 โ‘‚ 13 โ€”
Aimer-zero
Aimer-zero
redforge-ai

Open-core AI red teaming and offensive AI security evaluation platform.

Score
58
โ˜… 81 โ‘‚ 16 โ€”
Python
mcp-security-standard
mcp-security-standard
mcp-server-security-standard

MCP Server Security Standard (MSSS): an open, testable security control standard for certifying MCP servers, with levels, evidence requirements, and reporting schemas.

Score
50
โ˜… 74 โ‘‚ 13 โ€”
imran-siddique
imran-siddique
agent-os

[DEPRECATED] Moved to microsoft/agent-governance-toolkit

Score
0
โ˜… 72 โ‘‚ 21 +1/day
Python
ArmorerLabs
ArmorerLabs
Armorer-Guard

Fast local Rust scanner for AI-agent prompt injection, credential leaks, exfiltration, and risky tool calls

Score
42
โ˜… 40 โ‘‚ 10 โ€”
Rust
webpro255
webpro255
awesome-ai-agent-attacks

A curated timeline of real AI agent security incidents, breaches, and vulnerabilities (2024-2026). Every entry sourced and dated.

Score
33
โ˜… 34 โ‘‚ 3 +5/day
appsecco
appsecco
pentesting-mcp-servers-checklist

A practical, community-driven checklist for pentesting MCP servers. Covers traffic analysis, tool-call behavior, namespace abuse, auth flows, and remote server risks. Maintained by Appsecco and licensed for remixing.

Score
17
โ˜… 34 โ‘‚ 5 โ€”
opena2a-org
opena2a-org
hackmyagent

Metasploit for AI agents: scan, attack, and fix AI agents and MCP servers. Open source security toolkit.

Score
25
โ˜… 31 โ‘‚ 3 โ€”
TypeScript
sonuoffsec
sonuoffsec
DVAP

An OWASP-aligned intentionally vulnerable platform for learning and testing AI, LLM, RAG, MCP, and Agentic AI security.

Score
8
โ˜… 22 โ‘‚ 5 +2/day
TypeScript
alexdevassy
alexdevassy
MCP-Signature-Cloaking

This research introduces MCP Signature Cloaking - a novel backdoor technique that allows attackers to exploit hidden parameters in MCP servers, concealing malicious behavior behind interfaces that appear legitimate to both developers and AI models.

Score
0
โ˜… 12 โ‘‚ 4 +1/day
Related Topics
#mcp#ai-security#agent-security#llm-security#ai-agents#security#prompt-injection#cybersecurity#mcp-server#security-tools#model-context-protocol#python

ยฉ 2026 GitRepoTrend ยท GitHub repositories by topic ยท Updated weekly