Capability audit tool

[vinmay]

Hello,

I built a static analysis CLI that audits MCP server code for real-world capabilities (shell execution, credential access, file I/O, dynamic code execution) and which of those capabilities are reachable through registered tools - reachscan.

I recently completed a scan of 50 MCP server repos and published the results:

• 37.5% of scanned repos contain shell execution capability (EXECUTE)
• 32.5% access secrets/credentials from environment variables (SECRETS)
• 10% contain dynamic code execution (DYNAMIC — exec/eval)
• 1 of the repos exposes an unrestricted Python shell via a registered MCP tool

The full write up is here: I Scanned 50 MCP Servers to See What They Can Actually Do

I'm reaching out because I think this information is relevant to the MCP/Agent related work on security guidance for authors.
I'm looking to understand whether the tool and data are useful to this work, and if so, how can I contribute more towards it.