We Built the CVE Database for AI Agents and Here's What We Found Scanning 100 MCP Servers

TLDR: We scanned the top 100 MCP servers on Smithery and found prompt injection, external fetch patterns, and tool description poisoning in a significant number of them. We built an open-source scanner and vulnerability standard to catch these which is bawbel-scanner v1.0.1 ships today. The problem nobody is talking about The security industry has spent 30 years building tools to scan code. We have Snyk for dependencies, Semgrep for code patterns, Trivy for containers. The pipeline is well-defended. Then AI agents showed up.