Description

ToolTrust Scanner analyzes MCP server tool definitions to detect security risks including prompt injection, unauthorized data exfiltration, and privilege escalation patterns. It integrates directly into the MCP client workflow to evaluate server trustworthiness before tools are invoked. Results include actionable risk scores and specific vulnerability findings.

Installation

git clone https://github.com/agentsafe-ai/tooltrust-scanner

Claude Desktop Configuration

Add this configuration to your Claude Desktop config file to enable this MCP server:

Config file location (macOS): ~/Library/Application Support/Claude/claude_desktop_config.json

Config file location (Windows): %APPDATA%\Claude\claude_desktop_config.json

Config file location (Linux): ~/.config/Claude/claude_desktop_config.json

claude_desktop_config.json
{
  "mcpServers": {
    "tooltrust-scanner": {
      "command": "node",
      "args": [
        "path/to/server.js"
      ]
    }
  }
}