Best Security MCP servers for AI agents.

wireshark-mcp is the clearest example of the first camp: professional network analysis driven through tshark, giving agents the ability to run security audits, packet deep-dives, and threat detection that previously required a human at a terminal. skylos covers the code side — dead code, secrets, and security detection across Python, TypeScript, and Go — making it a natural pre-commit reviewer for agent-written code.

These tools inherit the operator's privileges, and that's the point: an agent with tshark access can read your network traffic. Treat granting them like granting a human contractor the same access — deliberately, and with logs.

The second camp is newer and arguably more urgent. agent-security-scanner-mcp sits between your agent and the world, blocking prompt injection, detecting fake packages, and scanning for vulnerabilities. shellward packages seven tools covering injection detection, PII scanning, command safety, and data-loss prevention. And MCPProxy takes the infrastructure approach: a local-first proxy in front of all your other MCP servers, with security scanning, a quarantine for suspect tools, and BM25-based tool discovery that cuts token overhead dramatically.

The proxy pattern deserves attention if you run many servers: a single choke point that inspects every tool call beats per-server vigilance, the same way a firewall beats auditing every application individually.

Irony alert: a security server is itself a third-party tool you're injecting into a privileged position. Prefer local-first designs — MCPProxy and Piia Engram both lead with it — so sensitive data never leaves your machine. Read the tool list on the listing page (claimed Loomal listings publish live-probed tool lists), check what the server phones home to, and favor projects whose detection logic is inspectable rather than a black box.

Also be aware this category's tagging is broad: registries classify some compliance and identity-adjacent servers here, like mcp-afip for Argentine electronic invoicing. Read descriptions before assuming everything tagged Security defends a network.

Open source dominates this category, and for the defensive layer that's healthy — you want inspectable code guarding your agent. Where per-call pricing earns its place is hosted analysis with real compute behind it: scan this package, analyze this capture, score this dependency tree. Maintainers offering that as a service can claim their Loomal listing and price per call via x402 — USDC on Base from $0.01, paid by the agent before the handler runs, with an Ed25519-signed receipt for the audit trail. Receipts matter more in this category than most.