by MCP-Defender
Desktop app that automatically scans and blocks malicious MCP traffic in AI apps like Cursor, Claude, VS Code and Windsurf.
# Add to your Claude Code skills
git clone https://github.com/MCP-Defender/MCP-DefenderGuides for using mcp servers skills like MCP-Defender.
Last scanned: 5/30/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@aws-sdk/client-s3: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/client-sso: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-env: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-http: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-ini: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-process: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-sso: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-web-identity: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-flexible-checksums: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-sdk-s3: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-user-agent: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/nested-clients: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/signature-v4-multi-region: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/token-providers: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/util-user-agent-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@electron-forge/cli: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/core: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/core-utils: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-deb: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-dmg: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-rpm: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-squirrel: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/maker-zip: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/plugin-auto-unpack-natives: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/plugin-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/plugin-fuses: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/plugin-vite: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/publisher-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/publisher-github: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/publisher-s3: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/publisher-static: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/shared-types: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/template-base: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/template-vite: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/template-vite-typescript: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/template-webpack: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron-forge/template-webpack-typescript: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron/node-gyp: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@electron/rebuild: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@modelcontextprotocol/sdk: Anthropic's MCP TypeScript SDK has a ReDoS vulnerability",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@octokit/core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@octokit/graphql: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@octokit/plugin-paginate-rest: @octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic Backtracking",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@octokit/request: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@octokit/request-error: @octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@octokit/rest: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@smithy/config-resolver: AWS SDK for JavaScript v3 adopted defense in depth enhancement for region parameter value",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@smithy/middleware-retry: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@tootallnate/once: @tootallnate/once vulnerable to Incorrect Control Flow Scoping",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@xmldom/xmldom: xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "axios: Axios is vulnerable to DoS attack through lack of data size check",
"severity": "high"
},
{
"type": "npm-audit",
"message": "body-parser: body-parser is vulnerable to denial of service when url encoding is used",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion Regular Expression Denial of Service vulnerability",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "cacache: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "diff: jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch",
"severity": "low"
},
{
"type": "npm-audit",
"message": "electron: Electron has ASAR Integrity Bypass via resource modification",
"severity": "high"
},
{
"type": "npm-audit",
"message": "express: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "form-data: form-data uses unsafe random function in form-data for choosing boundary",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "glob: glob CLI: Command injection via -c/--cmd executes matches with shell:true",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "js-yaml: js-yaml has prototype pollution in merge (<<)",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "lodash: Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",
"severity": "high"
},
{
"type": "npm-audit",
"message": "make-fetch-happen: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"severity": "high"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "socks: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "tar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "tmp: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter",
"severity": "high"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "vite: Vite middleware may serve files starting with the same name with the public directory",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ws: ws: Uninitialized memory disclosure",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "yaml: yaml is vulnerable to Stack Overflow via deeply nested YAML collections",
"severity": "medium"
}
],
"status": "FAILED",
"scannedAt": "2026-05-30T15:20:11.339Z",
"npmAuditRan": true,
"pipAuditRan": true
}MCP-Defender is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by MCP-Defender. Desktop app that automatically scans and blocks malicious MCP traffic in AI apps like Cursor, Claude, VS Code and Windsurf. It has 254 GitHub stars.
MCP-Defender failed SkillsLLM's automated security scan, which flagged one or more high-severity issues. Review the Security Report section carefully before using it.
Clone the repository with "git clone https://github.com/MCP-Defender/MCP-Defender" and add it to your Claude Code skills directory (see the Installation section above).
MCP-Defender is primarily written in TypeScript. It is open-source under MCP-Defender on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh MCP-Defender against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
🛡️ MCP Defender is a desktop app that protects AI apps like Cursor from a variety of attacks.
🚦 All MCP tool call requests and responses from AI apps are automatically proxied through MCP Defender.
🔎 The intercepted data is then checked against a set of signatures.
🔐 If anything harmful is detected, MCP Defender alerts you and asks if you want to allow or block the tool call.
https://github.com/user-attachments/assets/363ae2b1-e395-4cdc-b5ca-e9862baf89c3
Alternatively you can clone the git repo, and run it as follows:
# Install dependencies
npm install
# Start app
npm start
MCP Defender protects Cursor, Claude, Visual Studio Code and Windsurf.
MCP Defender is licensed under the AGPL-3.0 license. For more details, see the LICENSE.