We kept seeing devs get pwned through MCP tools in ways that security scanners completely miss. So we built an open-source analyzer to catch these attacks. Our first OSS by Mighty team.
The problem: At Defcon, we saw MCP exploits with 100% success rate against Claude and Llama. Three attack patterns:
Hidden Unicode in "error messages" - Paste a colleague's error into Claude, your SSH keys get exfiltrated\nTrusted tool updates - That database tool you've used for months? Last week's update added credential theft\nTool redefinition - Malicious tool redefines "deploy to prod" to run attacker's script
Traditional scanners (CodeQL, SonarQube) catch <15% of these. They're looking for SQLi, not prompt injections hidden in tool descriptions.
What we built:\ngit clone https://github.com/NineSunsInc/mighty-security
python analyzers/comprehensive_mcp_analyzer.py /path/to/your/mcp/tool
Scans for prompt injection, credential exfil, suspicious updates, tool shadowing. Runtime wrapper adds <10ms overhead. Fully local, no telemetry.
Why this matters: 43% of MCP tools have command injection vulns. GitHub's own MCP server was exploitable. We found Fortune 500s running database-connected MCP tools that hadn't been audited since installation.\nWe went from paranoid code review to "AI said it works" in 18 months. The magic is real, but so are the vulnerabilities.
Demo: https://www.loom.com/share/e830c56d39254a788776358c5b03fdc3
GitHub: https://github.com/NineSunsInc/mighty-security
Would love feedback - what MCP security issues have you seen?"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Show HN: MCP Security Suite"},"url":{"fullyHighlighted":false,"matchLevel":"partial","matchedWords":["security"],"value":"https://github.com/NineSunsInc/mighty-security"}},"_tags":["story","author_jodoking","story_44904974","show_hn"],"author":"jodoking","children":[44905029,44905063,44905241,44905768,44905848,44905918,44906583,44906951,44907123],"created_at":"2025-08-14T20:01:33Z","created_at_i":1755201693,"num_comments":32,"objectID":"44904974","points":36,"story_id":44904974,"story_text":"Hi HN!
We kept seeing devs get pwned through MCP tools in ways that security scanners completely miss. So we built an open-source analyzer to catch these attacks. Our first OSS by Mighty team.
The problem: At Defcon, we saw MCP exploits with 100% success rate against Claude and Llama. Three attack patterns:
Hidden Unicode in "error messages" - Paste a colleague's error into Claude, your SSH keys get exfiltrated\nTrusted tool updates - That database tool you've used for months? Last week's update added credential theft\nTool redefinition - Malicious tool redefines "deploy to prod" to run attacker's script
Traditional scanners (CodeQL, SonarQube) catch <15% of these. They're looking for SQLi, not prompt injections hidden in tool descriptions.
What we built:\ngit clone https://github.com/NineSunsInc/mighty-security
python analyzers/comprehensive_mcp_analyzer.py /path/to/your/mcp/tool
Scans for prompt injection, credential exfil, suspicious updates, tool shadowing. Runtime wrapper adds <10ms overhead. Fully local, no telemetry.
Why this matters: 43% of MCP tools have command injection vulns. GitHub's own MCP server was exploitable. We found Fortune 500s running database-connected MCP tools that hadn't been audited since installation.\nWe went from paranoid code review to "AI said it works" in 18 months. The magic is real, but so are the vulnerabilities.
Demo: https://www.loom.com/share/e830c56d39254a788776358c5b03fdc3
GitHub: https://github.com/NineSunsInc/mighty-security
Would love feedback - what MCP security issues have you seen?","title":"Show HN: MCP Security Suite","updated_at":"2026-03-31T14:29:56Z","url":"https://github.com/NineSunsInc/mighty-security"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"rbanffy"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Introduction to MCP Security"},"url":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"https://public.support.unisys.com/framework/publicterms.aspx?returnurl=%2faseries%2fdocs%2fClearPath-MCP-20.0%2f26211060-014%2fWebHelp%2fIntroduction_to_Security_Services%2fSecurity_Overview.htm"}},"_tags":["story","author_rbanffy","story_44015162"],"author":"rbanffy","children":[44017300],"created_at":"2025-05-17T15:53:22Z","created_at_i":1747497202,"num_comments":2,"objectID":"44015162","points":19,"story_id":44015162,"title":"Introduction to MCP Security","updated_at":"2025-05-19T15:46:47Z","url":"https://public.support.unisys.com/framework/publicterms.aspx?returnurl=%2faseries%2fdocs%2fClearPath-MCP-20.0%2f26211060-014%2fWebHelp%2fIntroduction_to_Security_Services%2fSecurity_Overview.htm"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"o4isec"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Show HN: Smart Scan \u2013 REST API, Dashboard, and CI/CD Tools for MCP Security"},"url":{"matchLevel":"none","matchedWords":[],"value":"https://smart.mcpshark.sh/"}},"_tags":["story","author_o4isec","story_46037112","show_hn"],"author":"o4isec","created_at":"2025-11-24T18:13:07Z","created_at_i":1764007987,"num_comments":0,"objectID":"46037112","points":15,"story_id":46037112,"title":"Show HN: Smart Scan \u2013 REST API, Dashboard, and CI/CD Tools for MCP Security","updated_at":"2026-03-05T23:06:44Z","url":"https://smart.mcpshark.sh/"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"devops-coder"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Show HN: MCP Security Scanning Tool for CI/CD"},"url":{"matchLevel":"none","matchedWords":[],"value":"https://smart.mcpshark.sh/"}},"_tags":["story","author_devops-coder","story_46050507","show_hn"],"author":"devops-coder","created_at":"2025-11-25T20:41:36Z","created_at_i":1764103296,"num_comments":0,"objectID":"46050507","points":12,"story_id":46050507,"title":"Show HN: MCP Security Scanning Tool for CI/CD","updated_at":"2026-03-05T23:07:37Z","url":"https://smart.mcpshark.sh/"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"mooreds"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Is MCP a Security Nightmare?: A Look into MCP Authorization with OAuth2"},"url":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"https://cefboud.com/posts/mcp-oauth2-security-authorization/"}},"_tags":["story","author_mooreds","story_45328039"],"author":"mooreds","children":[45328085,45328215],"created_at":"2025-09-22T00:46:42Z","created_at_i":1758502002,"num_comments":1,"objectID":"45328039","points":7,"story_id":45328039,"title":"Is MCP a Security Nightmare?: A Look into MCP Authorization with OAuth2","updated_at":"2026-03-05T22:41:28Z","url":"https://cefboud.com/posts/mcp-oauth2-security-authorization/"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"rhavaeis"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"A quick solution for Cursor MCP security vulnerabilities"},"url":{"matchLevel":"none","matchedWords":[],"value":"https://www.generalanalysis.com/blog/mcpguard"}},"_tags":["story","author_rhavaeis","story_44574966"],"author":"rhavaeis","created_at":"2025-07-15T19:32:53Z","created_at_i":1752607973,"num_comments":0,"objectID":"44574966","points":7,"story_id":44574966,"title":"A quick solution for Cursor MCP security vulnerabilities","updated_at":"2025-07-18T04:26:07Z","url":"https://www.generalanalysis.com/blog/mcpguard"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"wunderwuzzi23"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"Model Context Protocol (MCP): Landscape, Security Threats"},"url":{"matchLevel":"none","matchedWords":[],"value":"https://arxiv.org/abs/2503.23278"}},"_tags":["story","author_wunderwuzzi23","story_43616282"],"author":"wunderwuzzi23","children":[43616309,43618001],"created_at":"2025-04-07T21:44:48Z","created_at_i":1744062288,"num_comments":1,"objectID":"43616282","points":6,"story_id":43616282,"title":"Model Context Protocol (MCP): Landscape, Security Threats","updated_at":"2025-04-08T14:15:26Z","url":"https://arxiv.org/abs/2503.23278"},{"_highlightResult":{"author":{"matchLevel":"none","matchedWords":[],"value":"throwawai123"},"title":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"MCP Security Notification: Tool Poisoning Attacks"},"url":{"fullyHighlighted":false,"matchLevel":"full","matchedWords":["mcp","security"],"value":"https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks"}},"_tags":["story","author_throwawai123","story_43601612"],"author":"throwawai123","created_at":"2025-04-06T14:26:18Z","created_at_i":1743949578,"num_comments":0,"objectID":"43601612","points":6,"story_id":43601612,"title":"MCP Security Notification: Tool Poisoning Attacks","updated_at":"2025-04-08T04:09:37Z","url":"https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks"}],"hitsPerPage":10,"nbHits":3228,"nbPages":100,"page":0,"params":"query=MCP+security&hitsPerPage=10&advancedSyntax=true&analyticsTags=backend","processingTimeMS":12,"processingTimingsMS":{"_request":{"roundTrip":20},"fetch":{"query":4,"scanning":6,"total":11},"total":12},"query":"MCP security","serverTimeMS":13}