meok-mcp-injection-scan-mcp

meok-mcp-injection-scan-mcp

Scans MCP servers for prompt-injection, tool-poisoning, and SSRF vulnerabilities using 30+ canonical rules across 5 severity tiers, with optional signed safety reports for procurement.

Category
Visit Server

README

meok-mcp-injection-scan-mcp

Scan any MCP server for the prompt-injection / tool-poisoning / SSRF class disclosed in the April 2026 CVE wave.

pip install meok-mcp-injection-scan-mcp

Why this exists

April 2026 was a bad month for MCP. Anthropic published a "by-design" MCP RCE class affecting ~7,000 public servers (~150M downloads). mcp-server-git shipped a CVE chain. DockerDash got popped by an injection chain. Tool-description prompt injection ("tool poisoning") was demonstrated against every major MCP host.

If you run an MCP server in production, or you're auditing one before adoption, you need a fast scan that flags the patterns the April 2026 disclosures target. This MCP is that scan.

What it checks

30+ canonical rules across 5 severity tiers:

  • CRITICAL — direct RCE, system-prompt override, credential exfil patterns, shell metachars in defaults, file:// / internal-network URLs (the DockerDash 169.254.169.254 metadata-pivot vector).
  • HIGH — encoded payloads, imperative directives at the agent, supply-chain prompts, env-var references, tool shadowing.
  • MEDIUM — urgency / authority language, additionalProperties=true, unbounded strings, tool-name impersonation.
  • LOW — over-long descriptions, zero-width / bidi-override chars (the U+202E PoC vector).

Coverage maps to: OWASP LLM Top 10, GenAI Red Team v1, the April 2026 Anthropic MCP RCE disclosure, and the mcp-server-git CVE chain.

Tools exposed

Tool Purpose
scan_mcp_url(url) Fetch a remote MCP server's tool listing and scan it
audit_tool_descriptions(tools_json) Scan a pasted JSON tool list (auth-walled servers)
signed_safety_report(subject, findings_json, score, note) Issue a procurement-grade signed cert (Pro tier)
list_rules() Inspect the full rule catalogue before subscribing
pricing() Subscribe links + tier comparison

Pricing

Tier Price What you get
Free £0 5 scans / day, no signed reports
Starter £29/mo Unlimited scans + signed reports
Pro £79/mo + scheduled rescans + 48h support
Enterprise £1,499/mo + custom rule packs + 4h SLA

Every signed cert lives at https://meok-attestation-api.vercel.app/verify/<cert_id> — auditors and procurement teams confirm without an account.

What you do NOT get

This is a static-pattern scanner. It does not run dynamic taint analysis, fuzz the server with adversarial inputs, or replace a human red-team. It is the first 80% of the audit, in 5 seconds, for free.

Built by MEOK AI Labs

Solo founder. London. 234 MCP packages on PyPI. Live signing infrastructure at meok-attestation-api.vercel.app. Storefront councilof.ai. Get the catalogue: https://meok-attestation-api.vercel.app/catalogue.

Distribution channels

  • PyPI: pip install meok-mcp-injection-scan-mcp (this package)
  • Apify Store (Pay-Per-Event): https://apify.com/knowing_yucca/meok-mcp-injection-scan
  • GitHub (source): https://github.com/CSOAI-ORG/MEOK-LABS/tree/main/mcps/meok-mcp-injection-scan-mcp
  • Sponsor: https://github.com/sponsors/CSOAI-ORG · Pro £79/mo →

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured