What is MCP and why does security matter?
[2 paragraphs explaining MCP for people who don't know]
What I found after scanning 670 servers
[The stats — avg score 53, 85 with no auth, 9 production safe]
The attack that started this
[The Postmark story — server with 1500 weekly downloads
BCCing every email to an attacker]
How the scanner works
[Brief explanation of the 4 checks]
The scariest servers
[Show 2-3 specific examples of low-scoring servers with
their actual issues: no auth, SSRF vulnerabilities, etc.]
The safest servers
[Show 2-3 high-scoring servers: github-mcp-server at 85]
What you can do
[Check your servers at utir.dev before connecting them]
Open source
[Link to github.com/fenil67/utir]