Dev.to
6/25/2026

I Scanned 1,200 MCP Configs From GitHub. Here's What I Found.
Short summary
A security audit of 1,200 real MCP configs found universal vulnerabilities—20.7% CRITICAL/HIGH severity, with zero response limits across all scans. Popular servers grant unrestricted shell and browser access with no approval gates. Pluto AgentGuard, a free open-source scanner, quantifies the MCP config layer as AI's true security boundary.
- •100% of 1,200 scanned MCP configs had security gaps; 20.7% rated CRITICAL or HIGH severity
- •Popular servers (Context7, Chrome DevTools, Serena) enable shell execution and browser control with zero human-in-the-loop approval gates
- •Free open-source tool (Pluto AgentGuard) scans configs locally in 3 minutes, revealing auth gaps, hardcoded secrets, and context safety misconfigurations
Generated with AI, which can make mistakes.
Is this a good recommendation for you?



