decoy-scan

provenance:github:decoy-run/decoy-scan

Security scanner for MCP server configurations. Like npm audit, but for your AI agent tool servers. Finds risky tools, input validation gaps, transport vulnerabilities, and over-permissioned capability chains. Open source, zero dependencies.

View Source ↗Website ↗First seen 1mo agoContact developer ↗

PUBLIC HISTORY

First discoveredApr 22, 2026

IDENTITY

inferred

Identity inferred from code signals. No PROVENANCE.yml found.

Is this yours? Claim it →

METADATA

platformgithub

first seenMar 18, 2026

last updatedApr 21, 2026

last crawledtoday

version—

README BADGE

Add to your README:

![Provenance](https://getprovenance.dev/api/badge?id=provenance:github:decoy-run/decoy-scan)