io.github.bawbel/scannerdev-tools

Bawbel Scanner

Verified · today

Security scanner for MCP servers and skill files. Detects AVE vulnerabilities before production.

Install

claude mcp add scanner -- uvx bawbel-scanner

Our take

Security scanner for MCP servers, skill files, and related agent components, with static checks for prompt injection, tool poisoning, toxic flows, secrets, and conformance. It is young and the AVE/AIVSS ecosystem is largely the vendor’s own, but the repo has real implementation, tests, Docker packaging, and clear “never executes your server” positioning. Best fit is a preflight scanner for teams experimenting with agent-facing files rather than a mature replacement for general AppSec tools.

reviewed by hand · 2026-07-06

Something wrong or dead here? Report it

Verification record

last verified
today
github stars
9
last commit
yesterday
archived
no
license
NOASSERTION
in registry since
2026-05-23

github.com/bawbel/scanner