Secure MCP servers with cnspec
Scan Model Context Protocol (MCP) servers against security best practices with cnspec.
Scan a Model Context Protocol (MCP) server to understand the capabilities it exposes to AI agents and LLM clients. cnspec connects to an MCP server and inventories its tools, prompts, resources, and resource templates so you can review what an agent connected to the server is able to do.
Prerequisites
To scan an MCP server with cnspec, you must have:
- cnspec installed on your workstation
- An MCP server you are authorized to scan, reachable over HTTP or runnable as a local command
Connect to an MCP server
cnspec connects to an MCP server using one of two transports:
- HTTP for remote servers that expose a streamable HTTP endpoint
- stdio for local servers that run as a command
To test access over HTTP, open a cnspec shell:
```shell
cnspec shell mcp http https://mcp.example.com/mcp
```

To connect to a local server over stdio, pass the command to run as a single quoted argument:

```shell
cnspec shell mcp stdio "npx -y @modelcontextprotocol/server-everything"
```

Verify the connection by listing the tools the server exposes:

```
cnspec> mcp.tools { name }
mcp.tools: [
  0: {
    name: "search_documents"
  }
  1: {
    name: "create_issue"
  }
  ...
]
```

Scan an MCP server
To scan an MCP server over HTTP:
```shell
cnspec scan mcp http https://mcp.example.com/mcp
```

To scan a local MCP server over stdio:

```shell
cnspec scan mcp stdio "npx -y @modelcontextprotocol/server-everything"
```

Understand scan output
When a scan completes, cnspec prints a summary of all the checks it ran, grouped by policy. Each check shows a pass or fail result. For example:
```
✓ Pass: Ensure every exposed tool documents its behavior
✕ Fail: Ensure tool input schemas declare required parameters
✓ Pass: Ensure prompts include a description
```

At the end of the output, cnspec shows a risk score from 0 (no risk) to 100 (highest risk). Failed checks include remediation guidance to help you fix issues.
Scan with the Mondoo MCP Security policy
Mondoo maintains an out-of-the-box Mondoo Model Context Protocol (MCP) Security policy that reviews the tools, prompts, and resources an MCP server exposes.
Mondoo Platform users: Enable the policy in your space. In the Mondoo Console, go to Findings > Policies, search for "MCP", and add the policy. All future scans of your MCP servers automatically evaluate against it. To learn more, read Manage Policies.
Open source users: Pass the policy bundle URL directly to cnspec:
```shell
cnspec scan mcp http https://mcp.example.com/mcp \
  --policy-bundle https://raw.githubusercontent.com/mondoohq/cnspec/refs/heads/main/content/mondoo-mcp-security.mql.yaml
```

You can also create your own policies to meet your specific requirements.
Explore an MCP server
Run `cnspec shell mcp http https://mcp.example.com/mcp` to open the interactive shell.
Inspect exposed tools
```
cnspec> mcp.tools { name description }
mcp.tools: [
  0: {
    name: "search_documents"
    description: "Search the knowledge base for matching documents"
  }
  ...
]
```

Review tool input schemas
```
cnspec> mcp.tools { name inputSchema { type required } }
```

List prompts and resources
```
cnspec> mcp.prompts { name title description }
cnspec> mcp.resources { name title description }
```

Example security checks
Ensure every tool documents its behavior
```
cnspec> mcp.tools.all( description != "" )
```

Ensure every prompt includes a description

```
cnspec> mcp.prompts.all( description != "" )
```

Find tools whose input schema declares no required parameters

```
cnspec> mcp.tools.where( inputSchema.required.length == 0 ) { name }
```

Learn more
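To show the data these three checks evaluate, here is an added example (not cnspec's own code, and not from the Mondoo policy) that runs the same checks in Python over a constructed `tools/list` and `prompts/list` result in the JSON shape the MCP specification defines. The tool and prompt names are invented; a tool whose `inputSchema` has no `required` key is treated as declaring no required parameters.

```python
import json

# Constructed sample results of an MCP server's tools/list and prompts/list
# calls (MCP-spec JSON shape; the names and schemas are invented for this example).
TOOLS_LIST = json.loads("""
{"tools": [
  {"name": "search_documents",
   "description": "Search the knowledge base for matching documents",
   "inputSchema": {"type": "object",
                   "properties": {"query": {"type": "string"}},
                   "required": ["query"]}},
  {"name": "create_issue",
   "description": "",
   "inputSchema": {"type": "object",
                   "properties": {"title": {"type": "string"},
                                  "body": {"type": "string"}}}},
  {"name": "delete_records",
   "inputSchema": {"type": "object", "properties": {}, "required": []}}
]}
""")
PROMPTS_LIST = json.loads("""
{"prompts": [
  {"name": "summarize", "title": "Summarize", "description": "Summarize a document"},
  {"name": "triage", "title": "Triage"}
]}
""")

def undocumented_tools(tools_list):
    """Tools that would fail mcp.tools.all( description != "" )."""
    return [t["name"] for t in tools_list["tools"] if not t.get("description")]

def undocumented_prompts(prompts_list):
    """Prompts that would fail mcp.prompts.all( description != "" )."""
    return [p["name"] for p in prompts_list["prompts"] if not p.get("description")]

def tools_without_required_params(tools_list):
    """Tools matched by mcp.tools.where( inputSchema.required.length == 0 )."""
    found = []
    for t in tools_list["tools"]:
        required = t.get("inputSchema", {}).get("required") or []  # missing key counts as empty
        if len(required) == 0:
            found.append(t["name"])
    return found

def review(tools_list, prompts_list):
    """Pass/Fail per check plus the offending names, mirroring the scan summary."""
    findings = {
        "Ensure every exposed tool documents its behavior": undocumented_tools(tools_list),
        "Ensure prompts include a description": undocumented_prompts(prompts_list),
        "Ensure tool input schemas declare required parameters": tools_without_required_params(tools_list),
    }
    return {check: ("Pass" if not names else "Fail", names) for check, names in findings.items()}

if __name__ == "__main__":
    for check, (result, names) in review(TOOLS_LIST, PROMPTS_LIST).items():
        print(f"{result}: {check}" + (f" ({', '.join(names)})" if names else ""))
```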
- To learn more about how the MQL query language works, read Write Effective MQL.
- To learn about all the MCP resources and properties you can query, read the Mondoo MCP Resource Pack Reference.