Screen MCP servers before your agents use them
Submit any MCP server repository and get a multi-layer security review across code, dependencies, secrets, and misconfiguration, synthesized into a structured risk verdict.
A multi-layer pipeline with AI-assisted synthesis
Screen treats every MCP server as untrusted code until it has been audited. Submit a GitHub URL from the MCP Registry in the RenLayer console and we pull the repo at a fixed commit and run a coordinated security review across code, dependencies, secrets, supply-chain risk, and misconfiguration.
Findings are grouped by category and synthesized by an AI engine into a structured risk verdict with a 0–100 score and a critical/high/medium/low/none badge. Every audit has a permanent record so you can rescan, compare, and track risk over time.
What Screen covers
Typosquatting and malicious packages
Catches known-bad patterns and impersonation packages in MCP server dependencies before your agents pull them in.
Hardcoded secrets
Full-history sweep across the repo. Findings tagged as critical exposure surface immediately in the verdict.
Dependency CVEs
Generates a software bill of materials and matches against known vulnerabilities; outdated packages are flagged with severity.
Code flaws and prompt injection
Static analysis plus an AI-assisted pass that explicitly checks for prompt-injection vectors in tool descriptions and system prompts.
Misconfiguration
Surfaces insecure defaults, exposed services, and risky configuration in the MCP server's runtime settings.
Configurable scan depth
Tenant-level setting: conservative, moderate, or aggressive. Higher tiers expand coverage with broader rule families and deeper checks.
Scan depth profiles
- Conservative: High-confidence security only. Lowest noise. Focuses on the highest-confidence security findings, ideal for fast pre-publication checks.
- Moderate: Balanced coverage (default). Default profile. Balanced coverage across the most common MCP server languages and frameworks.
- Aggressive: Maximum coverage. Adds OWASP-style code patterns and broader security audit rules on top of the moderate profile. Recommended for production tenants.
- Always-on: Dependency scanning. CVE matching and SBOM-based vulnerability detection on every audit, regardless of profile.
- Always-on: Secret scanning. Detection of hardcoded credentials across the full repo history on every audit.
- Always-on: Misconfiguration. Insecure defaults and risky runtime configuration flagged on every audit.
Submit, scan, decide
- Submit a GitHub URL: From the MCP Registry in the console. Owners and admins can submit, rescan, and delete audits.
- The audit runs in the background: We pull the repo at a fixed commit and run the security pipeline. Status updates as the audit progresses.
- Findings are synthesized: An AI engine aggregates the raw output into an executive summary, risk score, and risk badge.
- Decide before you connect: Review findings grouped by category in the audit detail page. Approve, request remediation, or reject the server.
Frequently asked questions
What does Screen actually check?
Five categories of findings: typosquatting and malicious packages, hardcoded secrets, dependency CVEs, code flaws including prompt injection, and misconfiguration. Findings are grouped by category in the audit detail view.
How is the risk score computed?
A baseline score is derived from the count and severity of findings, then refined by the AI synthesis layer based on the executive summary. The result is a 0–100 score with a critical/high/medium/low/none badge.
Can I rescan an MCP server?
Yes. Owners and admins can rescan any audit from the registry. The new run is recorded as a separate audit so you keep a full history per server.
What is the difference between scan depth profiles?
Conservative is the lowest-noise option, focused on the highest-confidence security findings. Moderate broadens coverage across the most common MCP server languages and frameworks. Aggressive expands further with broader security audit rules. Dependency scanning, secret scanning, and misconfiguration checks run on every profile.
Does Screen enforce permissions at runtime?
Today Screen focuses on pre-deployment auditing. Permission scoping and runtime enforcement of MCP server tool calls are on the roadmap.