APIsec MCP Audit

Security governance for AI agent integrations

Welcome to APIsec MCP Audit

Discover AI agent integrations (MCPs) across your GitHub repos. Find exposed secrets, catalog API endpoints, and identify risky permissions.

Try the Demo

See MCP Audit in action with sample scan results. No GitHub token required.

▶ Try Demo Mode

View sample results from a fictional "acme-corp" organization

What You'll See

  • MCP Inventory: 12 MCPs discovered across repositories
  • Secrets Detection: 4 exposed credentials with rotation links
  • API Inventory: 6 database, REST, SSE endpoints
  • AI Models: 3 AI models (GPT-4o, Claude, Llama)
  • Risk Assessment: Critical, high, medium risk levels
  • Export: JSON, CSV, Markdown, AI-BOM reports
No token needed for demo
Runs entirely in your browser
No data sent to our servers

Ready to Audit Your Own Repos?

Scan Your GitHub Organization

Generate your own GitHub token with repo and read:org scopes, then scan your organization's repositories.

Scan Locally with the CLI

Download the CLI to scan local MCP configs in Claude Desktop, Cursor, VS Code. Use --secrets-only or --apis-only for focused scans.