MCP security research

Original MCP security research, built from PolicyLayer's continuously updated catalogue of 31,000 classified tools across 2,031 public MCP servers. Each audit measures what Model Context Protocol servers can actually do to the systems behind them — which can destroy data, execute commands, or move money — and names the servers carrying the most risk. Updated monthly.

Past editions
In progress
  • State of MCP Approval Gates — how much destructive surface sits behind any approval logic.
  • State of MCP OAuth — coverage of OAuth and RFC 8707 Resource Indicators across the ecosystem.

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.
