Security & Auth MCP servers let an AI assistant do real security work instead of giving generic advice. Once connected, the assistant can scan code for secrets and risky flows, inspect packages for supply chain threats, query threat intelligence, review email authentication reports, manage identity providers, and pull data from physical access or enterprise security systems. That means you can investigate suspicious infrastructure, debug authentication setups, review exposure from a dependency change, or audit security posture from the same chat where you write code and operate systems.
This category is most useful for application developers, platform teams, DevSecOps engineers, IT admins, and security analysts who need fast answers tied to live systems. It is also useful for teams adopting AI tools inside real environments, where the assistant needs guardrails before it can touch sensitive tools or data. The best servers in this category help the assistant produce evidence-backed results, enforce policy, and work against current security data instead of stale documentation or pasted logs.
“Scan this dependency update for malicious packages and explain which imports violate our supply chain policy using vet-mcp.”
viavet-mcp“Analyze this repository for hardcoded secrets, dead code, and exploitable flows before I merge the branch using skylos.”
viaskylos“Hunt for connections related to this suspicious IP across our linked security data sources and summarize the findings using crowdsentinel-mcp-server.”
viacrowdsentinel-mcp-server“Look up this public IP, list exposed services, and flag any known CVEs tied to it using shodan.”
viashodan| # | Server | Stars |
|---|---|---|
| 1 | Vet Mcp The MCP server runs the 'vet' tool, which provides real-time malicious package detection and software supply chain security by analyzing code usage and enforcing security policies. | 1.1k |
| 2 | Openosint OpenOSINT is an AI-powered OSINT agent exposed as an MCP server, CLI, REPL, and web UI. Its MCP server makes 18 investigation tools available for tasks like email, username, IP, domain, breach, phone, Shodan, VirusTotal, Censys, AbuseIPDB, GitHub, DNS, dork search, and URL scraping. |
It gives the assistant direct access to security tools and data sources such as static analysis scanners, threat intel APIs, identity platforms, DMARC reports, and security investigation systems. The assistant can then run checks, query live data, and perform approved admin actions inside the conversation.
No. Developers use them to catch secrets, vulnerable packages, and auth misconfigurations before merge. Platform and IT teams use them to manage identity settings, review access systems, and investigate infrastructure exposure without switching between dashboards.
Scanners inspect code, packages, domains, files, or telemetry and return findings. Gateways and guardrail tools sit in front of MCP tool usage and block unsafe actions, malicious servers, prompt injection attempts, or risky package installs before the assistant executes anything.
Confirm whether the server supports read-only mode, scoped credentials, and action logging. Use the smallest permission set possible, keep high-risk actions behind approval, and prefer servers that make every tool call auditable.
555 servers
safedep
Protect your AI agents and IDEs from malicious open-source packages.
SonoTommy
AI-powered OSINT agent & MCP server. 16 tools: email, breach, IP, WHOIS, DNS, Shodan, GitHub & more.
sirkirby
Manage UniFi Access doors, credentials, policies, visitors, and events via MCP.
duriantaco
Dead code, security, secrets detection and code quality for Python, TypeScript, Go.
sathergate
Encrypted secrets for Next.js. AES-256-GCM with no vault needed.
smart-mcp-proxy
Local-first MCP proxy with BM25 tool discovery, security scanning, quarantine & ~99% token savings
codespar
MCP server for Persona — developer-first identity verification + KYC (inquiries, accounts, reports)
codespar
MCP server for Jumio — global identity verification + KYX: documents, liveness, AML screening
codespar
MCP server for Legiti — Brazilian fraud prevention: real-time order evaluation, chargeback feedback
codespar
MCP server for Konduto — Brazilian fraud prevention: order risk scoring, device intel, lists
codespar
MCP server for Unico — Brazilian identity + KYC: CPF/CNPJ, OCR, face match, liveness, PEP/watchlists
codespar
MCP server for Certta — Brazilian KYC/KYB: biometrics, OCR, ICP-Brasil e-signature, onboarding
codespar
MCP server for Caf — Brazilian KYC/KYB: face auth + liveness, document OCR, orchestrated onboarding
codespar
MCP server for Onfido — global identity verification + KYC: applicants, documents, checks, workflows
jeff-nasseri
MCP server for MikroTik routers: firewall, NAT, routing, DHCP, DNS, WireGuard and more via SSH.
CrowdStrike
Connects AI agents with CrowdStrike Falcon for security analysis and automation.
thomasxm
AI-powered threat hunting and incident response MCP server for Elasticsearch/OpenSearch
meysam81
Lightweight DMARC parser: auto-fetch email reports, visualize compliance in a single all-in-one app
raullenchai
Ephemeral encrypted file sharing for AI. AES-256 encryption, 24h auto-vaporization.
bx33661
Professional network analysis with tshark. Security audits, deep-dives, and threat detection.
jnMetaCode
AI agent security: 7 MCP tools for injection detection, PII scanning, command safety, DLP.
sathergate
Rate limiting for Next.js. Zero-dependency sliding window and token bucket.
sinewaveai
Security layer for AI agents: blocks prompt injection, detects fake packages, scans vulnerabilities.
auth0
Auth0 MCP Server: Manage Auth0 applications, APIs, actions, logs, and forms using natural language
snyk
Easily find and fix security issues in your applications leveraging Snyk platform capabilities.
Pantheon-Security
Security-hardened NotebookLM MCP with post-quantum encryption
sonatype
Sonatype component intelligence: versions, security analysis, and Trust Score recommendations
pdaxt
AI agent fleet orchestration runtime. Spawn, coordinate, monitor autonomous agents.
gebalamariusz
AWS security scanner with attack chain detection, IAM privilege escalation, and fixes
dtkmn
Safe, self-hosted OWASP ZAP operator for guided AI security scans and reports.
kastelldev
Server security audit (413 checks), hardening, and fleet management across 4 cloud providers.
ariffazil
Constitutional AI kernel with 13 MCP tools, 888_JUDGE verdict pipeline, and VAULT999 ledger.
ariffazil
Constitutional AI Governance with 13 enforced floors (F1-F13) and tri-witness consensus for LLMs.
ariffazil
Constitutional AI governance server with 5-organ Trinity and enforced floors F1-F13.
mcpcap
An MCP server for analyzing PCAP files.
awslabs
AI agent tools for Open Security Controls Assessment Language (OSCAL)
microsoft
Official Microsoft MCP Server to query Microsoft Entra data using natural language
zscaler
Manage Zscaler Zero Trust Exchange via 280+ tools — ZPA, ZIA, ZDX, ZCC, EASM, and more.
prismer-ai
MCP server exposing Signet cryptographic signing, verification, and content hash tools over stdio.
mythos-agent
Open-source AI security agent: SAST, DAST, and policy-as-code over MCP.
johnzfitch
Token-efficient Ghidra RE: decompile, xrefs, Swift/ObjC, ELF/Mach-O, async analysis
vishisht16
AI safety middleware — detects self-harm and criminal intent in LLM prompts.
“Pull the VirusTotal report for this domain and summarize malicious relationships, recent detections, and reputation changes using virustotal.”
viavirustotal“Parse the latest DMARC reports from our inbox and tell me which senders are failing alignment for our domain using parse-dmarc.”
viaparse-dmarc“Create a new Auth0 application for our staging environment, attach the correct callback URLs, and show recent login errors using mcp-auth0.”
viamcp-auth0| 3 | Unifi Access Mcp UniFi MCP is a collection of servers that enable AI assistants and automation tools to interact with Ubiquiti UniFi controllers, targeting specific applications like Network, Protect, and Access. | 517 |
| 4 | Skylos Skylos is an open-source static analysis tool that detects dead code, hardcoded secrets, exploitable flows, and AI-generated security regressions in Python, TypeScript, and Go. It can be run locally or integrated into CI/CD workflows to gate pull requests. | 467 |
| 5 | Lockbox sathergate-toolkit is an agent-native infrastructure toolkit for Next.js that includes 8 packages designed for various functionalities like RBAC, image processing, and feature flags. | 441 |
| 6 | Mcpproxy Go MCPProxy is an open-source desktop application that enhances AI agents by enabling intelligent tool discovery and providing security against malicious MCP servers. | 290 |
| 7 | Mcp Persona MCP Dev LATAM is a catalog of MCP servers that wrap Latin American commerce and business APIs, including payments, fiscal invoicing, shipping, messaging, ERP, banking, identity, fraud, and crypto services. It also includes servers for agentic payment protocols such as Google UCP, Stripe ACP, AP2, and x402. | 253 |
| 8 | Mcp Jumio MCP Dev LATAM is a catalog of MCP servers that wrap Latin American commerce and business providers, plus agentic payment protocols, so AI agents can handle payments, invoicing, shipping, messaging, ERP, banking, and related workflows through one interface. It includes servers for providers like Asaas, Mercado Pago, Nuvem Fiscal, Melhor Envio, WhatsApp, and bank/payment rails such as Pix and x402. | 253 |
| 9 | Mcp Legiti A catalog of MCP servers that wrap Latin American commerce and business APIs, including payments, fiscal, logistics, messaging, ERP, banking, identity, and fraud services. It also includes servers for agentic payment protocols such as Google UCP, Stripe ACP, AP2, and x402. | 253 |
| 10 | Mcp Konduto MCP Dev LATAM is a catalog of MCP servers that wrap commerce, fiscal, logistics, messaging, banking, ERP, identity, fraud, crypto, and payment-protocol providers for Latin America. It lets AI agents perform end-to-end business workflows such as charging payments, issuing invoices, generating shipping labels, sending tracking messages, and reconciling accounts through one MCP interface. | 253 |