From d2afb1144909972bd61a293c695e98b1b8b1495e Mon Sep 17 00:00:00 2001
From: Syed Anas Mohiuddin <91664161+SyedAnas01@users.noreply.github.com>
Date: Wed, 6 May 2026 13:22:35 -0500
Subject: [PATCH] =?UTF-8?q?Add=20mcp-safeguard=20=E2=80=94=20MCP=20server?=
 =?UTF-8?q?=20security=20scanner?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index e39f4d00f..5f13c33dd 100644
--- a/README.md
+++ b/README.md
@@ -2293,6 +2293,8 @@ Kani verifies:
 
 - [tfsec](https://github.com/tfsec/tfsec) — Terraform static analysis tool that prevents potential security issues by checking cloud misconfigurations at build time and directly integrates with the HCL parser for better results. Checks for violations of AWS, Azure and GCP security best practice recommendations.
 
+- [mcp-safeguard](https://github.com/SyedAnas01/mcp-safeguard) :python: - Security scanner for MCP (Model Context Protocol) servers. Detects prompt injection in tool descriptions, hardcoded credentials, exposed endpoints, and tool poisoning. CVSS-scored findings. `pip install mcp-safeguard`
+
 - [trufflehog](https://trufflesecurity.com) — Find credentials all over the place
 TruffleHog is an open source secret-scanning engine that resolves exposed secrets across your company’s entire tech stack.