Public MCP scan radar

MCP Security Radar

A no-execution snapshot of popular public MCP repos across browser automation, DevTools, GitHub, database, cloud, Notion, Atlassian, and browser-control surfaces. Scores are heuristic triage signals, not confirmed vulnerabilities or certifications.

Run your own scan Use Code Scanning Request paid audit Open fixed quote

Sample8 public repos

MethodUp to 90 selected text files per repo

SafetyNo dependency install or target code execution

HandoffUSD $1,000 human audit for one repo or slice

How to read this

Use the score to prioritize review, not to claim a bug

The scanner fetched public GitHub metadata plus a limited set of raw text files from each repo on June 20, 2026 Asia/Shanghai time. It looked for MCP surfaces, remote transports, write actions, credentials, auth gates, redaction, tests, and CI.

A low score means the selected files produced more review signals. It may also miss tests or controls that live outside the fetched slice, so paid work still starts with scope confirmation and fresh validation.

Browser automation surfaces need special review for clicks, sessions, page content, and downloads.

Cloud, database, GitHub, Notion, and Atlassian tools need write-mode and credential boundary tests.

Each card links to a shareable browser scan so maintainers can reproduce or rerun a public triage pass.

Radar snapshot

Popular public MCP repos with review signals

microsoft/playwright-mcp

Playwright MCP server

34,117 stars6 files scanned3 high / 1 medium

Top heuristic: Write actions detected without obvious tool safety annotations.

Open scan brief Run shareable scan Browser audit path

ChromeDevTools/chrome-devtools-mcp

Chrome DevTools for coding agents

44,014 stars87 files scanned0 high / 2 medium

Top heuristic: Remote listener needs an explicit exposure policy.

Open scan brief Run shareable scan Browser audit path

github/github-mcp-server

GitHub's official MCP Server

30,819 stars59 files scanned0 high / 2 medium

Top heuristic: Remote listener needs an explicit exposure policy.

Open scan brief Run shareable scan General audit path

googleapis/mcp-toolbox

MCP Toolbox for Databases

15,664 stars90 files scanned1 high / 2 medium

Top heuristic: No obvious tests found in the fetched slice.

Run shareable scan Database audit path

awslabs/mcp

Open source MCP Servers for AWS

9,302 stars90 files scanned1 high / 2 medium

Top heuristic: Credential signals detected without redaction signals in the fetched slice.

Run shareable scan Cloud audit path

makenotion/notion-mcp-server

Official Notion MCP Server

4,444 stars31 files scanned0 high / 2 medium

Top heuristic: Remote listener needs an explicit exposure policy.

Run shareable scan Workspace audit path

sooperset/mcp-atlassian

MCP server for Atlassian tools

5,422 stars89 files scanned1 high / 2 medium

Top heuristic: No obvious tests found in the fetched slice.

Run shareable scan Workspace audit path

BrowserMCP/mcp

Browser-control MCP server

6,700 stars14 files scanned3 high / 0 medium

Top heuristic: Remote listener detected without nearby auth or permission signals.

Open scan brief Run shareable scan Browser audit path

Convert a signal

When to use the paid audit

You have remote transport, hosted MCP, browser-control, cloud, database, or account-writing tools.
The free scan points to write actions, credential paths, missing redaction evidence, or weak test visibility.
You need human validation, source-specific evidence, a ranked fix plan, and launch notes.
Payment starts only after written scope acceptance; the fixed quote is USD $1,000.

Start audit from scan Open quote Review terms