Handbook
Welcome to the Tool-Scan handbook.
Tool-Scan is a security scanner for MCP (Model Context Protocol) tools. It grades every tool on security, MCP compliance, and quality — catching prompt injection, tool poisoning, data exfiltration, and command injection before they reach production.
What’s inside
Section titled “What’s inside”- Getting Started — Install and first scan
- Security Checks — All threat categories and severity levels
- Grading System — Scoring breakdown, grade scale, and MCP compliance
- Plugins — Custom security rules, compliance checks, and quality validators
- Output Formats — JSON, SARIF, compact, and streaming output
- API Reference — grade_tool, MCPToolGrader, SecurityScanner, ComplianceChecker, PluginRegistry
- CI Integration — GitHub Actions, SARIF upload, pre-commit hooks, exit codes
- Reference — CLI flags, imports, and quick reference
- Beginners Guide — Step-by-step walkthrough for first-time users