The mcp-scan project by Invariant Labs is a security auditing tool that analyzes Model Context Protocol (MCP) server configurations for potential vulnerabilities. It scans configurations from clients such as Claude, Cursor, and Windsurf for issues including prompt injections, tool poisoning, and cross-origin escalations. It uses Invariant Guardrails to enhance detection and supports tool pinning to prevent unauthorized tool modifications. The tool can be run with the command uvx mcp-scan@latest. mcp-scan is licensed under Apache 2.0 and is a resource for developers aiming to secure their MCP environments.