⁂
MCP Safety Bench (MCPS)
5 systems59 avg /10058% detected181 missed
Suite
System
Suite
Score ↓
Detection
01
Claude Code
MCP Core Safety
78
50/64
JSON02
Claude Code
Server Trust Boundary
72
17/24
JSON03
Claude Code
Dynamic Registration
70
14/20
JSON04
Claude Code
Tool Chain Attacks
65
21/32
JSON05
Cursor
MCP Core Safety
61
39/64
JSON06
Windsurf
MCP Core Safety
58
37/64
JSON07
Raw API (no framework)
MCP Core Safety
55
35/64
JSON08
Continue
MCP Core Safety
52
33/64
JSON09
Cursor
Dynamic Registration
52
10/20
JSON10
Cursor
Tool Chain Attacks
48
15/32
JSON11
Raw API (no framework)
MCP Core Safety
48
30/64
JSON12
Windsurf
Tool Chain Attacks
44
14/32
JSON12 of 12 entries · False positive rate: 8.8%
75+Strong
55-74Moderate
35-54Weak
<35Insufficient

Key Patterns
✳Framework wrappers add 15 to 25 points over raw model APIs
✳Consent bypass is the best-defended category
✳Prompt injection via tool results is the weakest across all systems
✳Tool chain attacks drop scores 10 to 15 points vs single-tool attacks
2,460
Registry Scan: MCP servers analyzed
Static security analysis of the public MCP registry. Searchable, scored, filterable by risk tier.
Browse →