Available on PyPI

Shadow AI Agents Are Hiding in Your Systems

MCPShield discovers unauthorized MCP servers across your organization. See what Claude, ChatGPT, and other AI tools can access before attackers do.

Open source • Free to use • Privacy-first
MCPShield Dashboard: 12 servers, 3 high risk, 8 agents

  • postgres-prod: CRITICAL
  • filesystem: HIGH
  • github-api: MEDIUM
  • slack-bot: LOW

Critical risk detected: postgres-prod has DB credentials
Agent online: DESKTOP-ABC reporting

Your Employees Are Building Shadow AI Infrastructure

MCP servers give AI assistants direct access to databases, file systems, and APIs. Security teams have zero visibility.

Invisible Attack Surface

Developers configure MCP servers with database credentials, API keys, and file system access. You can't secure what you can't see.

Real risk: AI tools now have direct access to your most sensitive systems.

Credential Exposure

MCP configs often contain plaintext passwords, API tokens, and connection strings. One leaked config = full database access.

Common issue: MCP configs frequently contain plaintext passwords and API tokens.

Compliance Nightmare

AI tools with uncontrolled data access violate SOC2, HIPAA, and GDPR. Auditors are starting to ask about AI governance.

Growing concern: Auditors are starting to ask about AI governance and data access controls.

Complete Visibility. Zero Blind Spots.

MCPShield scans every machine, discovers every MCP server, and assesses every risk—automatically.

Automatic Discovery

Deploy a lightweight agent that scans for MCP configurations across Claude Desktop, Cursor, VS Code, and custom setups. No manual inventory needed.

  • Cross-platform support (Windows, macOS, Linux)
  • Detects Claude, ChatGPT, Cursor, and custom MCP setups
  • Privacy-first: Never captures credential values
Terminal
$ mcpshield scan
Scanning for MCP servers...
Found claude_desktop_config.json
Found cline_mcp_settings.json
Discovered 4 MCP servers:
● postgres CRITICAL (85)
● filesystem HIGH (62)
● github MEDIUM (35)
● slack LOW (12)

Intelligent Risk Scoring

Our engine analyzes each MCP server's configuration to calculate a risk score from 0 to 100. Prioritize what matters most.

  • Detects database access patterns
  • Identifies sensitive environment variables
  • Evaluates file system scope permissions

postgres-prod: risk score 85
  • Database Access +30
  • Sensitive Credentials +25
  • Container Execution +20
  • Network Access +10
Environment variables: DATABASE_URL, POSTGRES_PASSWORD, DB_HOST
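
An added example, not MCPShield's own code, of the kind of configuration analysis described above: it reads an `mcpServers` map of the form used in claude_desktop_config.json, records environment variable names only, and sums the four factor weights shown in the postgres-prod breakdown. The detection patterns, severity bands, function names and sample config are assumptions constructed for illustration.

```python
import json
import re

# Factor weights are the ones shown in the postgres-prod breakdown above.
WEIGHTS = {"Database Access": 30, "Sensitive Credentials": 25,
           "Container Execution": 20, "Network Access": 10}
# Assumed heuristics and severity bands for this example (not MCPShield's rules).
DB_HINT = re.compile(r"postgres|mysql|mongo|redis|sqlite|DATABASE_URL", re.I)
SECRET_NAME = re.compile(r"PASSWORD|SECRET|TOKEN|API_?KEY|DATABASE_URL", re.I)
NET_HINT = re.compile(r"https?://|_HOST$|_URL$", re.I)
CONTAINER_CMDS = {"docker", "podman"}

def severity(score):
    for floor, label in ((80, "CRITICAL"), (60, "HIGH"), (30, "MEDIUM")):
        if score >= floor:
            return label
    return "LOW"

def score_server(name, spec):
    command = str(spec.get("command") or "")
    args = [str(a) for a in spec.get("args") or []]
    env_names = sorted(spec.get("env") or {})  # names only; values are never inspected
    factors = []
    if any(DB_HINT.search(s) for s in [name, command, *args, *env_names]):
        factors.append("Database Access")
    if any(SECRET_NAME.search(n) for n in env_names):
        factors.append("Sensitive Credentials")
    if re.split(r"[\\/]", command)[-1].lower() in CONTAINER_CMDS:
        factors.append("Container Execution")
    if any(NET_HINT.search(s) for s in [*args, *env_names]):
        factors.append("Network Access")
    score = min(100, sum(WEIGHTS[f] for f in factors))
    return {"server": name, "score": score, "severity": severity(score),
            "factors": factors, "env_names": env_names}

def scan_config(text):
    servers = json.loads(text).get("mcpServers") or {}
    results = [score_server(n, s) for n, s in servers.items() if isinstance(s, dict)]
    return sorted(results, key=lambda r: -r["score"])

# Constructed sample config; the env values are dummies and must not appear in results.
SAMPLE = json.dumps({"mcpServers": {
    "postgres-prod": {"command": "docker", "args": ["run", "-i", "mcp/postgres"],
                      "env": {"DATABASE_URL": "DUMMY", "POSTGRES_PASSWORD": "DUMMY", "DB_HOST": "DUMMY"}},
    "notes": {"command": "npx", "args": ["-y", "notes-server"], "env": {}}}})

if __name__ == "__main__":
    for r in scan_config(SAMPLE):
        print(r["server"], r["severity"], r["score"], r["factors"], r["env_names"])
```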

On-Demand Scanning

Run scans whenever you need them. Get a complete inventory of every MCP server on a machine in seconds.

  • Run a scan any time with a single command
  • Results uploaded to your dashboard automatically
  • Scheduled scanning & change tracking coming soon

Activity Timeline (Live)
  • 2m ago: + New server: openai-api
  • 15m ago: ~ Changed: postgres env vars
  • 1h ago: Scheduled scan completed
  • 3h ago: - Removed: test-db

Dashboard Alerts

Critical findings are surfaced immediately in your dashboard so your team can act fast on high-risk configurations.

  • Risk-based severity levels (Critical / High / Medium / Low)
  • Detailed breakdown of each risk factor
  • Slack & webhook integrations coming soon
CRITICAL Just now
High-risk server detected
postgres-prod has database credentials exposed. Risk score: 85/100.

Three Steps to Complete Visibility

Get your first security insights in under 5 minutes.

01. Deploy Agent

Install our lightweight Python agent on endpoints. One pip command, works everywhere.

pip install mcpshield-agent

02. Configure & Scan

Configure your agent with an API key, then run a scan to discover MCP configs.

mcpshield configure --api-key YOUR_KEY
mcpshield scan

03. Review & Act

See all servers in your dashboard with risk scores. Take action on high-risk configurations.

mcpshield scan --report

See It In Action

Watch MCPShield discover MCP servers in real-time.


Simulates a scan discovering MCP servers

Embed security status in your docs

Give your team instant visibility into MCP server risk. Embed dynamic risk score badges in your internal wikis, READMEs, or Confluence pages. Badges update in real-time as your security posture changes.

MCPShield postgres-prod Critical 85
MCPShield github-mcp Medium 35
MCPShield slack-mcp Low 12
<!-- Embed in your internal docs -->
<img src="https://app.mcpshield.app/badge/{server-id}" alt="MCPShield Risk Score" />

<!-- Markdown format -->
![MCPShield Risk](https://app.mcpshield.app/badge/{server-id})

Deploy in Minutes, Integrate Everywhere

Get MCPShield running with a single command. Native packages for every platform, plus built-in hooks for the enterprise tools your security team already uses.

pip PyPI (All Platforms)

pip install mcpshield-agent

Available now on PyPI. Works on Windows, macOS, and Linux.

brew Homebrew (macOS/Linux)

brew tap mcpshield/tap
brew install mcpshield

apt APT (Debian/Ubuntu)

curl -fsSL https://pkg.mcpshield.app/gpg | sudo gpg --dearmor -o /usr/share/keyrings/mcpshield.gpg
echo "deb [signed-by=/usr/share/keyrings/mcpshield.gpg] https://pkg.mcpshield.app/deb stable main" | sudo tee /etc/apt/sources.list.d/mcpshield.list
sudo apt update && sudo apt install mcpshield

rpm RPM (RHEL/Fedora/CentOS)

sudo rpm --import https://pkg.mcpshield.app/gpg
sudo dnf config-manager --add-repo https://pkg.mcpshield.app/rpm/mcpshield.repo
sudo dnf install mcpshield

Enterprise Integrations

Splunk

Forward risk alerts and server discovery events to Splunk via HEC (HTTP Event Collector). Real-time indexing of MCP security data.

Elastic / ELK

Ship alerts to Elasticsearch via Logstash or Filebeat. Pre-built Kibana dashboards for MCP risk visualization.

Microsoft Sentinel

Native Azure Sentinel connector. Correlate MCP risk events with your existing SIEM workflows.

Generic Webhook

Send alerts to any endpoint. Compatible with PagerDuty, OpsGenie, Slack, Teams, and custom automation.

Ready to Secure Your AI Infrastructure?

Start discovering shadow AI agents in your infrastructure today. Free and open source.