MCP Security & Conformance Auditor

MCPoliceman 9000

GENUINELY BRILLIANT
8/10
The MCP spec is 6 months old and already has more attack surfaces than a Swiss cheese submarine.

An agent that crawls MCP server implementations, validates conformance against the official spec, and red-teams them for security vulnerabilities like tool poisoning, prompt injection via resource URIs, capability escalation, and malicious schema definitions.

This is a genuine gap in a fast-moving ecosystem. Every enterprise adopting MCP right now is flying blind on security — there's no SOC2 checklist, no OWASP-equivalent, no automated scanner. The timing is perfect: MCP is past 'toy project' stage but pre-'security team mandate' stage, which is exactly the window where tooling companies get built and acquired. You'd be selling shovels in a gold rush where the miners are actively getting robbed.

whycantwehaveanagentforthis.com

Viability Analysis

Market Demand: 82
Tech Feasibility: 62
Competition: 25
Monetization: 78
AI Disruption Risk: 70
Fun Factor: 85

Pros & Cons

What's going for it

Zero serious competitors in the MCP-specific security space — mcp-scan exists but is a weekend project, not a product
Enterprise buyers NEED this for compliance — SOC2, ISO 27001 auditors will start asking about AI tool security within 12 months
MCP server registry is growing fast (500+ community servers) — the attack surface is expanding faster than defenses
Clear monetization path: free CLI scanner drives paid continuous monitoring SaaS for enterprise MCP deployments
First-mover gets to define the standard — you could become the de facto MCP Security Benchmark, which is an acqui-hire magnet

What's against it

The MCP spec is still evolving rapidly — Anthropic ships breaking changes and your conformance rules rot within weeks
Invariant Labs already has mcp-scan and institutional credibility in AI security — they can outrun you with funding
Security tooling has a brutal sales cycle — enterprises want a vendor with 3 years of history, not a 6-month-old startup
False positives in security scanning destroy trust instantly — one wrong 'critical vulnerability' flag on a clean server and you're done
Anthropic could bundle conformance validation directly into the official SDK and kill your entire value prop overnight

Who You're Up Against

Open Source Alternatives

When Will Big AI Kill This?

Most Likely Killer

Anthropic

Timeline: 12-18 months


How They'll Do It

They add a --security-audit flag to the official MCP CLI and publish a 'Security Best Practices' certification program that makes third-party scanners look redundant to budget-conscious buyers

Your Survival Strategy

Go deep on multi-protocol support (MCP + A2A + OpenAI tool_use) and position as the vendor-neutral security layer. The moment you're 'the Anthropic MCP scanner' you're dead. Be 'the agentic tool security platform' and Anthropic's move barely touches you.

Confidence

68%

If You're Crazy Enough to Build It

Solo Dev Time

3-4 months for a credible v1 with 20+ security checks and a conformance report — another 2 months to not embarrass yourself in front of a security engineer

Team Size

1 backend dev who has read the MCP spec 10 times + 1 security researcher who thinks in attack trees + 1 person to stop them from shipping CVE writeups as marketing

Estimated Cost

$15,000-$40,000 to MVP including LLM API costs for adversarial probe generation

Tech Stack

Python
MCP Python SDK
Claude API (for adversarial test generation)
Semgrep (static analysis of server code)
PostgreSQL + pgvector (vulnerability pattern storage)
