io.github.CSOAI-ORG/owasp-agentic-mcp
OWASP Top 10 for AI Agents security assessment tools. Capabilities: full agent security scan...
Ask AI about io.github.CSOAI-ORG/owasp-agentic-mcp
Powered by Claude · Grounded in docs
I know everything about io.github.CSOAI-ORG/owasp-agentic-mcp. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
OWASP Agentic AI MCP
Security assessment against the OWASP Top 10 for Agentic AI (2025). Prompt injection detection, tool poisoning checks, excessive agency evaluation, and data leakage analysis.
Install · Tools · Pricing · Attestation API
Why This Exists
The OWASP Top 10 for Agentic AI (released 2025) defines the ten most critical security risks for AI agents that can take actions, use tools, and operate autonomously. As organisations deploy MCP servers, LangChain agents, and autonomous AI workflows, these systems face attack vectors that traditional AppSec testing does not cover.
Prompt injection, tool poisoning, excessive agency, and cross-context data leakage are not theoretical: they are actively exploited. CISOs and security teams need a structured way to assess agentic AI deployments against the OWASP classification. This MCP evaluates your agent architecture against all 10 risk categories and produces actionable findings.
Install
pip install owasp-agentic-mcp
Tools
| Tool | OWASP Reference | What it does |
|---|---|---|
assess_agent_security | All 10 risks | Full security posture assessment against OWASP Top 10 for Agentic AI |
check_prompt_injection | Risk A01 | Detect prompt injection attack vectors in agent inputs |
check_tool_poisoning | Risk A02 | Evaluate tool definitions and MCP configs for poisoning risks |
check_excessive_agency | Risk A03 | Assess whether agent has more permissions than needed |
check_data_leakage | Risk A06 | Identify cross-context data leakage paths in agent workflows |
Example
Prompt: "Assess the security of our customer support AI agent.
It has access to 12 MCP tools including database queries, email
sending, and file system access. It operates on user prompts
with no input sanitisation."
Result: Assessment across all 10 OWASP Agentic AI risks with critical
findings: A01 prompt injection (no input sanitisation on user prompts),
A02 tool poisoning (3 MCP tools loaded without integrity checks),
A03 excessive agency (file system + email + database = over-privileged),
A06 data leakage (database query results passed through to email tool
without redaction). Remediation priorities and control recommendations
provided for each finding.
Pricing
| Tier | Price | What you get |
|---|---|---|
| Free | £0 | 10 calls/day — agent security assessment |
| Pro | £199/mo | Unlimited + HMAC-signed attestations + verify URLs |
| Enterprise | £1,499/mo | Multi-tenant + co-branded reports + webhooks |
Attestation API
Every Pro/Enterprise audit produces a cryptographically signed certificate:
POST https://meok-attestation-api.vercel.app/sign
GET https://meok-attestation-api.vercel.app/verify/{cert_id}
Zero-dep verifier: pip install meok-attestation-verify
Links
- Website: meok.ai
- All MCP servers: meok.ai/labs/mcp/servers
- Enterprise support: nicholas@csoai.org
License
MIT