We are pleased to announce our partnership with Smithery, a popular online platform that allows users to extend their agent systems with thousands of capabilities via the Model Context Protocol (MCP).
As part of the partnership, Smithery has integrated Invariant's MCP-Scan tool to protect their users from security vulnerabilities. All MCP servers on Smithery are now scanned for vulnerabilities by Invariant's MCP-Scan. The results of these scans are now part of an MCP server's Smithery registry page, as shown below:
This means, starting today, Invariant is actively protecting thousands of Smithery users from security vulnerabilities in their MCP-augmented applications, by ensuring the tools they use can be trusted and are scanned regularly for vulnerabilities and attacks.
About Smithery
Smithery is a platform and registry that helps developers discover and deploy agentic AI services. Smithery provides a unified interface to thousands of ready-made AI capabilities that can be plugged into applications on demand via MCP. In practice, this means users can extend their agent systems like Claude Desktop and Cursor with capabilities like web search, code execution, database queries, and more as easily as installing a package, instead of writing custom integrations for each tool from scratch.
About MCP-Scan
Invariant developed MCP-Scan, a security scanning tool specifically designed to protect agentic AI systems using MCP. It identifies vulnerabilities like Tool Poisoning Attacks, MCP Rug Pulls, Cross-Origin Escalations, and Prompt Injection Attacks within MCP installations. The tool scans MCP configuration files, retrieves tool descriptions, and analyzes them locally and using the Invariant Guardrails API to find malicious instructions.
MCP-Scan is open source. Contribute or learn more on GitHub.
Partner With Invariant to Secure Your AI systems
Invariant is dedicated to ensuring the safety and robustness of agentic AI systems. Our research and tools address critical vulnerabilities, enabling the safe and secure deployment of AI in real-world scenarios. Reach out if you are interested in collaborating with us, by integrating MCP-Scan or Guardrails to enhance the security and integrity of your agentic systems.