{"slug": "agentlint-a-security-scanner-for-mcp-server-configs", "title": "Agentlint – A security scanner for MCP server configs", "summary": "Agentlint, a security scanner for MCP server configs, has been released to detect dangerous permissions, hardcoded secrets, and missing guardrails before deployment. The tool scans configuration files and assigns risk scores from 1 to 10, flagging critical issues like hardcoded API keys and broad filesystem access. It aims to address the growing security surface of AI agents by providing a standard auditing mechanism.", "body_md": "A security scanner for MCP server configs — catch dangerous permissions, hardcoded secrets, and missing guardrails before you ship.\n\n```bash\npip install leporis-agentlint\n```\n\n```bash\n$ agentlint scan mcp.json\n┌──────────────────────────────────────────────────────┐\n│  github-server  ######....  6/10                     │\n│  !!  Hardcoded secret: env var 'GITHUB_TOKEN'        │\n│      contains a literal secret value.                │\n│  !   No approval gate: server is missing             │\n│      'requireApproval' or 'humanInLoop' field.       │\n└──────────────────────────────────────────────────────┘\n\n┌──────────────────────────────────────────────────────┐\n│  filesystem  #####.....  5/10                        │\n│  !!  Broad filesystem access: arg '/home' exposes    │\n│      sensitive paths.                                │\n│  !   No approval gate: server is missing             │\n│      'requireApproval' or 'humanInLoop' field.       
│\n└──────────────────────────────────────────────────────┘\n\n┌─────────────────── Summary ──────────────────────────┐\n│  Servers scanned     2                               │\n│  Average risk score  5.5 / 10                        │\n│  Critical findings   2                               │\n│  Warnings            2                               │\n│  Total findings      4                               │\n└──────────────────────────────────────────────────────┘\n\n       Highest-Risk Servers\n Server          Score\n github-server   ######.... 6/10\n filesystem      #####..... 5/10\n```\n\n```bash\n$ agentlint scan mcp.json --json\n{\n  \"github-server\": {\n    \"score\": 6,\n    \"findings\": [\n      {\"level\": \"critical\", \"detail\": \"Hardcoded secret: env var 'GITHUB_TOKEN' contains a literal secret value.\"},\n      {\"level\": \"warning\", \"detail\": \"No approval gate: server is missing 'requireApproval' or 'humanInLoop' field.\"}\n    ]\n  }\n}\n```\n\n| # | Check | What it catches | Severity |\n|---|---|---|---|\n| 1 | Hardcoded secrets | API keys, tokens, passwords, JWTs baked into `env` values | Critical |\n| 2 | Broad filesystem access | Args exposing `/home`, `/etc`, `/var`, `~/`, root, Windows drives | Critical |\n| 3 | Missing env vars | Server name suggests auth (github, postgres, stripe…) but `env` is empty | Warning |\n| 4 | No approval gate | Missing `requireApproval` or `humanInLoop` field | Warning |\n\nEach server gets a risk score **1–10**. Green (≤3), yellow (4–6), red (7+).\n\n```bash\n$ agentlint ci\nagentlint: 4 servers scanned, 3 critical violations, 2 servers scored >= 7. Build failed.\n```\n\nExits `0` if clean, `1` if any server scores ≥ 7. 
Auto-discovers config from `claude_desktop_config.json`, `.mcp.json`, or `mcp.json` in the repo root.\n\n```yaml\n# .github/workflows/agentlint.yml\nname: agentlint\non:\n  push:\n    branches: [main, master]\n  pull_request:\n    branches: [main, master]\n\njobs:\n  agentlint:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: actions/setup-python@v5\n        with:\n          python-version: \"3.12\"\n      - name: Install agentlint\n        run: pip install leporis-agentlint\n      - name: Run agentlint CI check\n        run: agentlint ci\n```\n\nAI agents are shipping with MCP servers that get filesystem access, network access, and raw API keys handed to them at launch. There is no built-in sandbox, no mandatory approval step, and no standard way to audit what a given config actually grants. The industry is racing to give agents *more* capabilities while the security surface grows unchecked. **agentlint** is a single-file scanner that reads your MCP config and tells you what's dangerous — before your agent touches production.", "url": "https://wpnews.pro/news/agentlint-a-security-scanner-for-mcp-server-configs", "canonical_source": "https://github.com/Leporis14/agentlint", "published_at": "2026-06-26 09:47:20+00:00", "updated_at": "2026-06-26 10:05:37.804921+00:00", "lang": "en", "topics": ["ai-safety", "ai-tools", "ai-agents", "developer-tools"], "entities": ["Agentlint", "Leporis", "MCP"], "alternates": {"html": "https://wpnews.pro/news/agentlint-a-security-scanner-for-mcp-server-configs", "markdown": "https://wpnews.pro/news/agentlint-a-security-scanner-for-mcp-server-configs.md", "text": "https://wpnews.pro/news/agentlint-a-security-scanner-for-mcp-server-configs.txt", "jsonld": "https://wpnews.pro/news/agentlint-a-security-scanner-for-mcp-server-configs.jsonld"}}