Scan source code repositories for MCP configurations, dependencies, and server definitions.
Scan your local machine for MCP configurations in Claude Desktop, Cursor, VS Code, and other applications.
Download CLI Tool
The CLI tool scans your local computer for MCP configurations in:
- Claude Desktop - Anthropic's desktop application
- Cursor - AI-powered code editor
- VS Code - With Continue extension
- Windsurf - Codeium's editor
- Zed - Modern code editor
- Project folders - .mcp/ directories, mcp.json files
Installation Instructions
Download the ZIP file above and extract it to a folder
Open Terminal (Mac) or Command Prompt (Windows)
cd mcp-audit-cli
pip install -e .
mcp-audit scan
Requirements: Python 3.9 or higher
Don't have Python? Download Python
CLI Commands
mcp-audit scan
Scans your local machine for all MCP server configurations.
Checks Claude Desktop, Cursor, VS Code, Windsurf, Zed, and project folders.
Displays a summary table showing each MCP found with its risk level.
mcp-audit scan --verbose
Runs the same scan but with detailed output for each step.
Shows exactly which configuration files are being checked.
Useful for troubleshooting or understanding what the tool is doing.
mcp-audit registry
Displays the complete list of known MCP servers in our database.
Shows provider, risk level, and description for each registered MCP.
Helps you identify whether an MCP is from a trusted source.
mcp-audit registry --risk critical
Filters the registry to show only MCPs with critical risk level.
Critical MCPs have access to databases, cloud infrastructure, or shell commands.
Use this to quickly identify the most sensitive MCP servers in your environment.
mcp-audit scan --format json -o results.json
Exports your scan results to a JSON file for further analysis.
Perfect for integrating with other security tools or CI/CD pipelines.
Also supports CSV and Markdown formats for reports and documentation.