vigile-mcp

Security scanner for MCP servers and agent skills

MCP ServerSecurityTrust ScoresFree

Quick Install

npx vigile-mcp# runs without install

Or install globally: npm install -g vigile-mcp

Add to your MCP client

Claude Code / Claude Desktop

Add to ~/.claude/claude_desktop_config.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Cursor

Add to .cursor/mcp.json in your project:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Available Tools

get_trust_score

Get the trust score and security findings for any MCP server in the registry.

"Check the trust score for filesystem-mcp"

scan_server

Run a full security scan on an MCP server by name or npm package URL.

"Scan this MCP server for vulnerabilities"

scan_skill

Analyze a SKILL.md or .mdc file for injection, malware delivery, and stealth patterns.

"Scan this skill file for threats"

search_registry

Search the Vigile trust registry for MCP servers and skills by name or keyword.

"Find MCP servers related to databases"

Configuration

VariableDefaultDescription
VIGILE_API_URLhttps://api.vigile.devAPI endpoint (override for self-hosted)
VIGILE_API_KEYAPI key for higher rate limits (optional)

Links

GitHub

Source code & issues

npm

vigile-mcp v0.1.2

MCP Security

Learn more about MCP scanning