Local scanner for MCP tool definitions. Catches prompt injection, unicode tricks, secrets before agents call tools.

Why scan MCP tool definitions for prompt injection?

Tools can embed commands that hijack your agent, leaking data. Scan blocks it upfront, zero overhead.

How do I install asqav-mcp?

`pip install asqav-mcp`. Then `scan_tool_definition()` or `scan_all_tools()`. Runs offline.

🤖 AI Dev Tools

Your AI agent's tools might be backstabbing it with hidden commands. asqav-mcp sniffs them out first.

theAIcatchup Apr 08, 2026 3 min read

asqav-mcp scans MCP tools for 5 key threats like prompt injection and hidden unicode—locally, no latency. 𝕏
Agents blindly trust tool descriptions; this forces security first, averting data leaks. 𝕏
Like Log4Shell for AI: without pre-scans, agent fleets risk mass compromise. 𝕏

Published by

Ship faster. Build smarter.

#MCP Tools #MCP servers #asqav-mcp #prompt injection

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by dev.to