We Scanned 17 Popular MCP Servers — Here's What We Found
Dev.to AI
The Model Context Protocol (MCP) is quickly becoming the standard for connecting AI agents to external tools. Claude Desktop, Cursor, Windsurf, and dozens of other AI apps now support MCP servers as plugins. But here's the problem: nobody is checking whether these servers are safe to install. We built Agent Shield, a security scanner for AI agent tools, and used it to audit 17 of the most popular MCP servers - including official ones from Anthropic, AWS, Cloudflare, Docker, Brave, and Azure. The results were eye-opening.