Introducing VirtueAgent’s new feature for MCP risk scanning
Alongside the remarkable coding capabilities of generative AI models and agents has come the Model Context Protocol (MCP). MCP servers now power the majority of production AI agents, yet our analysis of 700+ implementations reveals that most lack basic security protections. Attackers are already exploiting these vulnerabilities through prompt injection, code execution exploits, and data exfiltration techniques to compromise entire agent ecosystems.
To address this critical security gap, Virtue AI is releasing MCPGuard today, an intelligent security scanner built into our VirtueAgent platform. Unlike traditional static analysis tools, MCPGuard uses specialized AI models to understand code semantics, automatically identifying prompt injection vulnerabilities, unsafe API calls, and insecure data handling practices.
Since its launch, MCPGuard has analyzed over 700 open-source MCP servers and discovered critical vulnerabilities in 78% of implementations. These findings led to the creation of the industry’s first MCP Security Leaderboard, ranking servers by risk level across sensitivity, security posture, and architectural complexity. We’ve responsibly disclosed 45 high-severity vulnerabilities to maintainers, with 23 already patched and several now being actively pursued as official Common Weakness Enumerations (CWEs).
MCPGuard: a high-level technical overview

Figure.1 – Technical overview of MCPGuard. Our agent is equipped with specific tools for MCP code inspection, flagging vulnerabilities and providing mitigation suggestions
MCPGuard structure
- Low latency: Our custom language models are specifically fine-tuned for MCP security analysis, enabling them to understand MCP-specific patterns and call specialized security tools with high accuracy. By using smaller, focused models rather than general-purpose LLMs, we achieve faster scan times without sacrificing detection quality.
- Specialized Security Tools: MCPGuard uses purpose-built code analysis tools that understand MCP semantics, API patterns, and common vulnerability signatures – dramatically reducing false positives compared to generic static analysis scanners.
- Persistent Context Tracking: Our guard maintains memory of previous scans and vulnerability patterns across your codebase, enabling it to track security improvements over time and avoid re-flagging resolved issues.
Key functionality
- Accurate security flaw detection: MCPGuard is more accurate than rule-based scanning, as it can understand and reason about code semantics to reduce false positives; it is also more accurate than model-only scanning, as our agent scaffold provides advanced tools for better context understanding and retrieval.
- Support customized policies: Our agent can ingest and comply with user-defined policies, ensuring scans are tailored to specific requirements.
- Low latency compared to large models: Powered by a lightweight reasoning model, our agent achieves significantly higher efficiency than large models while maintaining accuracy.
First comprehensive MCP leaderboard: MCPGuard on real-world MCPs
We applied MCPGuard to more than 700 open-source MCPs, putting together the industry’s first MCP Security Leaderboard, which ranks MCPs by sensitivity, security, and complexity. Here, we show a subset of the top-20 popular MCPs, where each one is labeled with High, Medium, and Low on the three dimensions based on the following criteria.
- Sensitivity: The level of access to sensitive operations, data, and system resources. Low: read-only operations and public APIs only; Medium: limited permissions such as file system access; High: high-risk operations such as code execution or email management.
- Security: Evaluates the codebase for vulnerabilities, unsafe operations, and adherence to secure coding practices. Low: no known vulnerabilities; Medium: minor security issues such as missing some best practices; High: critical vulnerabilities such as command injection.
- Complexity: Assesses the codebase’s structure, size, and dependencies. Low: simple structure and minimal dependencies; Medium: moderate complexity with some architectural patterns; High: complex architecture with intricate logic flows.
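To make the "unsafe API call" and "command injection" categories above concrete, here is an added illustration (not MCPGuard's code, which uses fine-tuned models rather than a fixed rule) of the kind of check a scanner applies to a Python MCP server: it parses the source, finds functions registered as tools, and flags a shell sink whose command is built from a non-constant value. The sample server is constructed inline; the `mcp.server.fastmcp` import is assumed to match the MCP Python SDK and is never executed, only parsed.

```python
# Added example, not MCPGuard's own code: an AST check for one class of unsafe
# API call in an MCP tool handler, a shell command assembled from tool input.
import ast

# Constructed sample server (assumed SDK import; only parsed, never run).
SAMPLE_SERVER = '''
import subprocess
from mcp.server.fastmcp import FastMCP
mcp = FastMCP("demo")
@mcp.tool()
def ping(host: str) -> str:
    # Vulnerable: tool argument interpolated into a shell command string.
    return subprocess.check_output(f"ping -c 1 {host}", shell=True).decode()
@mcp.tool()
def ping_safe(host: str) -> str:
    # Hardened: argument list, no shell, so metacharacters are not interpreted.
    return subprocess.check_output(["ping", "-c", "1", host]).decode()
'''

SHELL_SINKS = {("subprocess", "check_output"), ("subprocess", "run"),
               ("subprocess", "Popen"), ("subprocess", "call"), ("os", "system")}

def _is_tool(func: ast.FunctionDef) -> bool:
    """A function decorated with @<obj>.tool(...) is treated as an MCP tool."""
    for d in func.decorator_list:
        target = d.func if isinstance(d, ast.Call) else d
        if isinstance(target, ast.Attribute) and target.attr == "tool":
            return True
    return False

def _shell_true(call: ast.Call) -> bool:
    return any(k.arg == "shell" and isinstance(k.value, ast.Constant)
               and k.value.value is True for k in call.keywords)

def find_shell_injection(source: str) -> list:
    """Return (tool_name, line) pairs where a tool feeds a non-literal command to a shell."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.FunctionDef) and _is_tool(node)):
            continue
        for call in ast.walk(node):
            if not (isinstance(call, ast.Call) and isinstance(call.func, ast.Attribute)
                    and isinstance(call.func.value, ast.Name)):
                continue
            sink = (call.func.value.id, call.func.attr)
            if sink not in SHELL_SINKS or not call.args:
                continue
            # os.system always uses a shell; subprocess.* only when shell=True.
            via_shell = sink == ("os", "system") or _shell_true(call)
            if via_shell and not isinstance(call.args[0], ast.Constant):
                findings.append((node.name, call.lineno))
    return findings
```

Run on the sample, `find_shell_injection(SAMPLE_SERVER)` reports only `ping`; `ping_safe` passes an argument list without `shell=True` and is not flagged.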

Figure.2 – MCP Leaderboard. View the full list here.
The system has already uncovered significant vulnerabilities, which have been responsibly disclosed to developers. Several have been confirmed, and Virtue AI is actively pursuing CWE classifications to standardize these findings.
Why Virtue AI? Our Unique Advantage
The Virtue AI team brings together deep expertise in both AI systems and cybersecurity—a rare combination that’s essential for addressing agent security challenges. Our background includes:
- Pioneering Research: We’ve published foundational papers in agent security, including early work on reasoning attacks, memory poisoning, and coding agent vulnerabilities
- System-Level Expertise: Our team understands that AI agents are fundamentally systems problems requiring system-level security solutions
- Industry Collaboration: We work closely with leading agent builders (Microsoft, Glean, Google AI) to integrate security from the ground up
Take Action: Secure Your AI Agents Today
Don’t wait for a security incident to realize your agents are vulnerable. Virtue AI’s security platform provides:
- Comprehensive risk assessment across all agent components
- Automated red-teaming with hundreds of attack scenarios
- Real-time agent guardrail and threat detection
- Actionable remediation guidance for identified vulnerabilities
- Compliance support for industry standards and regulations
The future of AI is agentic, but it must also be secure. Let Virtue AI help you build agents that are both powerful and protected.
Ready to secure your AI agents? Contact our team today to learn more about Virtue AI’s comprehensive security platform and schedule a demonstration tailored to your specific use cases.
About Virtue AI: We are a leading provider of security solutions for AI agent systems, committed to enabling the safe and secure deployment of autonomous AI in enterprise environments. Our team of AI and cybersecurity experts is dedicated to staying ahead of emerging threats and protecting organizations as they adopt agentic AI technologies.