

Security scanner for AI agent tooling: poisoning detection

An open-source tool that analyzes a model's internal activations to detect potentially poisoned MCP servers, skills, and packages before installation.



This open-source tool provides a critical security layer for developers building with AI agents. It addresses the growing concern of data poisoning within AI agent ecosystems, specifically targeting MCP servers, skills, and packages. By analyzing a model's internal activations, this tool helps identify malicious or compromised components before they are integrated into your development workflow, safeguarding your projects from potential vulnerabilities and performance degradation.

What it Does

The core function of this security scanner is to detect poisoning attacks within AI agent tooling. It achieves this by examining the internal state of AI models, specifically their activation patterns. When a new MCP server, skill, or package is introduced, the tool runs an analysis to see if its behavior deviates from expected norms or exhibits characteristics indicative of malicious intent. This proactive approach helps prevent the introduction of compromised elements that could lead to incorrect outputs, security breaches, or system instability.

Key Features

Who it's For

This tool is essential for AI developers, ML engineers, and researchers working with AI agent frameworks, particularly those utilizing MCP servers and custom skills. If you are responsible for the integrity and security of your AI projects, or if you frequently integrate third-party AI components, this scanner provides a vital safeguard. It is also beneficial for platform administrators managing shared AI agent environments who need to ensure the safety and reliability of the available tooling.