Audit MCP servers from inside Claude Code. 10 OWASP checks, A-F grade, live leaderboard.
The MCP server that audits other MCP servers. Run MCPWatch security scans from inside Claude Code / Cursor / Windsurf. Drop the above into your Claude Desktop / Cursor / Windsurf MCP config. Restart, and four new tools are available to the agent: Run the 10 OWASP MCP Top 10 checks on a local directory. Returns a grade (A–F), a 0–100 score, and per-finding evidence + remediation. Optionally…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
The MCP server that audits other MCP servers. Run MCPWatch security scans from inside Claude Code / Cursor / Windsurf. Drop the above into your Claude Desktop / Cursor / Windsurf MCP config. Restart, and four new tools are available to the agent: Run the 10 OWASP MCP Top 10 checks on a local directory. Returns a grade (A–F), a 0–100 score, and per-finding evidence + remediation. Optionally returns a SARIF v2.1.0 document with . Fetch the latest scan for a public GitHub MCP repo from the…