MCP security · v0.1
Least-privilege scanner for MCP agents.
Stricture inspects your MCP server configs, maps agent-to-tool access, flags over-permissioned connections, and exports a signed audit report.
Parse configs
Drop in your mcp.json. Stricture extracts servers, commands, tools, transports, env vars, and credential hints.
Score risk
A deterministic risk engine flags shell execution, broad DB access, secrets in config, unknown remotes, and more.
Map access
See exactly which agents can reach which tools. Spot stale references and over-scoped agents.
CLI-first, dashboard-friendly
The scanner core is a pure function over your config JSON, the same engine the dashboard runs, and is meant to ship as npx stricture next.
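
As an added illustration (not Stricture's code or rule set), this is what a deterministic, pure-function check over an mcp.json object can look like for three of the flags named above: shell execution, secrets in config, and unknown remotes. It assumes the common `mcpServers` layout with `command`, `args`, `env` and `url`; the rule names, severities and trusted-host allowlist are hypothetical.

```javascript
// Added illustration: a deterministic, pure least-privilege check over an mcp.json object.
// Rule IDs, severities and the allowlist are assumptions, not Stricture's rule set.
const SHELLS = new Set(["sh", "bash", "zsh", "cmd", "cmd.exe", "powershell", "pwsh"]);
const SECRET_KEY = /(TOKEN|SECRET|PASSWORD|API_?KEY)/i;
const ENV_REF = /^\$\{?[A-Za-z_][A-Za-z0-9_]*\}?$/; // "${VAR}" or "$VAR": a reference, not a literal

function scanMcpConfig(config, trustedHosts = []) {
  const findings = [];
  const servers = (config && config.mcpServers) || {};
  for (const name of Object.keys(servers).sort()) { // sorted keys => stable output
    const s = servers[name] || {};
    const add = (rule, severity, detail) => findings.push({ server: name, rule, severity, detail });

    // Shell execution: the server is launched through a command interpreter.
    const bin = String(s.command || "").split(/[\\/]/).pop().toLowerCase();
    if (SHELLS.has(bin)) add("shell-exec", "high", `command is a shell (${bin})`);

    // Secrets in config: a credential-like env key holding a literal value.
    for (const key of Object.keys(s.env || {}).sort()) {
      const value = String(s.env[key]);
      if (SECRET_KEY.test(key) && value !== "" && !ENV_REF.test(value)) {
        add("secret-in-config", "high", `env ${key} holds a literal value`); // never echo the value
      }
    }

    // Unknown remotes: URL transport to a host outside the allowlist, or over plaintext.
    if (typeof s.url === "string") {
      let u = null;
      try { u = new URL(s.url); } catch { add("invalid-url", "medium", "url does not parse"); }
      if (u && u.protocol !== "https:") add("plaintext-remote", "high", `scheme ${u.protocol}`);
      if (u && !trustedHosts.includes(u.hostname)) add("unknown-remote", "medium", `host ${u.hostname}`);
    }
  }
  return findings;
}

// Constructed sample config (not from the page).
const sampleConfig = {
  mcpServers: {
    files: { command: "npx", args: ["-y", "example-fs-server"], env: { LOG_LEVEL: "info" } },
    runner: { command: "/bin/bash", args: ["-c", "run-tools"], env: { API_KEY: "constructed-literal" } },
    notes: { url: "http://mcp.example.test/sse", env: { AUTH_TOKEN: "${NOTES_TOKEN}" } },
  },
};
console.log(scanMcpConfig(sampleConfig, ["mcp.internal.example"]));
```

Because the function takes only the parsed config and an allowlist and iterates in sorted order, the same input always yields the same findings, which is what makes a report over it reproducible.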