Add MCPWatch as a security plugin / pre-install audit
MCPWatch (https://github.com/lazymac2x/mcpwatch) is an open-source MCP server security scanner that I think would fit this list — it's a "plugin" in the sense that it's the thing you run before you install any other MCP plugin.
What it ships
- npx mcpwatch-scanner /path/to/mcp — 10 OWASP MCP Top 10 checks, A–F grade
- lazymac2x/mcpwatch-action@v1 — GitHub Action that blocks insecure MCP PRs
- Daily Cloudflare-hosted crawler that grades every public MCP
- Public leaderboard at https://mcpwatch.pages.dev
- Live SVG badges + SARIF output for GitHub Code Scanning
- Free forever, MIT, zero telemetry
Happy to open a PR adding it wherever you think it fits the taxonomy. Bias disclosure: I maintain MCPWatch.