MCP Security Index
Before you install an MCP server, see what it can do. AxioRank enumerates the tools each server declares (read-only, it never calls one) and grades the blast radius of what it can do: write, delete, execute, credential, and wildcard-scope capabilities. Scan a server not listed here.
8 servers in Search & web · 16 with flagged capabilities
- A · Fetch · Anthropic (MCP reference) · Search & web · 1 tool · no flagged capabilities
- A · Exa Search · Exa · Search & web · 2 tools · no flagged capabilities
- A · Tavily Search · Tavily · Search & web · 5 tools · no flagged capabilities
- A · Kagi Search · Kagi · Search & web · 2 tools · no flagged capabilities
- A · DuckDuckGo Search · nickclyde · Search & web · 2 tools · no flagged capabilities
- F · Firecrawl · Firecrawl · Search & web · 26 tools · Code-execution capability
- – · Perplexity Ask · Perplexity · Search & web · scan pending
- – · Brave Search · Brave · Search & web · scan pending
How the grades work
A grade measures blast radius: how much a server could do if it were compromised or misinstructed, based on the capabilities it declares (write, delete, execute, credential access, wildcard scope). It is not a vulnerability assessment and not a judgment of the vendor. Lower is better: A is 0 to 19, up to F at 80 and above. The scan is read-only. It lists tools and never calls one.
Run a server? You can scan it yourself and embed your grade. See something off? Every server page links a re-scan.
Govern the MCP servers your agents use
AxioRank is the security gateway for AI agents: allowlist servers, block risky tool calls, and get an audit trail of every action.