Fenil Patel

I scanned 670 MCP servers and 78% have significant security issues

What is MCP and why does security matter

[2 paragraphs explaining MCP for people who don't know]

What I found after scanning 670 servers

[The stats — avg score 53, 85 with no auth, 9 production safe]

The attack that started this

[The Postmark story — server with 1500 weekly downloads
BCCing every email to an attacker]

How the scanner works

[Brief explanation of the 4 checks]

The scariest servers

[Show 2-3 specific examples of low scoring servers with
their actual issues — no auth, SSRF vulnerabilities etc]

The safest servers

[Show 2-3 high scoring servers — github-mcp-server at 85]

What you can do

[Check your servers at utir.dev before connecting them]

Open source

[Link to github.com/fenil67/utir]
