Is Mcp Defender safe to use?

Mcp Defender is rated NOT_RECOMMENDED by SpiderRating. Mcp Defender is not recommended — low score (1.57/10) with 1 critical issues.

What are the security risks of Mcp Defender?

Key risk flags: child_process_injection (critical), ts_token_leakage (high), token_leakage (high). Overall security score: 6.0/10 with 1 critical issues.

Are there safer alternatives to Mcp Defender?

Similar tools include: achetronic/mcp-forge, Nexus-Router/nexus, OriNachum/reachy-mini-mcp. View full comparison at spiderrating.com.

Mcp Defender

MCP-Defender/MCP-DefenderAGPL-3.0⭐ 246🔧 1 tools

F1.6SpiderScore (registry)

Use cases:git-ops containers audio-video

⚠ Hard constraint applied: critical vulnerability

Decision

Not Recommended

Confidence

90%

Mcp Defender is not recommended — low score (1.57/10) with 1 critical issues.

Recommended Actions

high
Run In Container
1 critical vulnerabilities require isolation
high
Limit Permissions
Restrict tool access to minimum required scope

Do Not

✗running in production without container isolation
✗using for security-sensitive tasks

Risk Flags (4)

critical
child_process_injection
Command injection â€” execSync() with non-literal command
high
ts_token_leakage
Secret or token may be leaked through error messages, logs, or return values
high
token_leakage×7
Secret or token may be leaked through error messages, logs, or return values
high
ts_path_traversal×2
Potential path traversal -- user input used in file system operations

How This Was Decided

negativew=0.5Overall quality score = 1.57/10 (grade F)
negativew=0.81 critical security issue(s) detected
negativew=0.510 high-severity issue(s) detected
negativew=0.3Tool description clarity score = 0.9/10

Source: SpiderRating automated security scanUpdated: 2026-03-21Protocol: v1.1

Description Quality

Composite: 0.9 / 10

3-Layer Breakdown

Description (38%)

0.9

Security (34%)

6.0

Metadata (28%)

7.1

Description Dimensions

Intent Clarity

0.0

Permission Scope

0.0

Side Effects

2.0

Capability Disclosure

2.0

Operational Boundaries

0.8

Security Analysis

6.0

Score

Critical

High

Medium

Low

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

1 CRITICAL10 HIGH

Metadata Health

Provenance (40%)

10.0

Maintenance (35%)

4.0

Popularity (25%)

6.9

Badge

Add this badge to your README:

[![SpiderRating](https://spiderrating.com/badge/MCP-Defender__MCP-Defender.svg)](https://spiderrating.com/servers/MCP-Defender/MCP-Defender)

🛡️

Protect Your Agents

Get a free API key. Every MCP tool call checked against 15,923 rated servers in real-time.

Get Free API Key →

📊

Monitor All Your Servers

Dashboard for your entire MCP portfolio. Score tracking, alerts, and compliance reports.

Start Free Trial →

⭐

Scan Locally (Open Source)

Run SpiderShield on your own machine. 46+ security rules, zero data leaves your system.

Star on GitHub →

Similar Servers

Mcp Forgeachetronic/mcp-forge

3.5D

NexusNexus-Router/nexus

2.0F

Reachy Mini McpOriNachum/reachy-mini-mcp

2.0F

Alibabacloud Ack Mcp Serveraliyun/alibabacloud-ack-mcp-server

2.0F

Mcp FlutterArenukvern/mcp_flutter

2.0F