MCP Security Scanner
Scan any npm package for security issues. Free, instant, no signup.
We check install scripts, prompt injection patterns, suspicious URLs, dependencies, and metadata.
🛡️ Install Scripts: Detects postinstall hooks that run arbitrary code
💉 Prompt Injection: Finds manipulation patterns in tool descriptions
🔗 Suspicious URLs: Flags raw IPs, sketchy TLDs, exfiltration endpoints
Part of KYA (Know Your Agent) — real-time AI agent verification.
Scan results for critical/high findings are automatically added to the KYA abuse database.