mcp-scan (Snyk Agent Scan) focuses on mcp security scanning. Now part of Snyk, many teams evaluate alternatives for broader agent coverage, different deployment models, or pricing that fits their scale. Here are the top competitors to consider.
Category: Agent & MCP Security • Last reviewed: 2026-07-03
Created by ETH Zurich spin-off Invariant Labs and maintained by Snyk since its June 2025 acquisition, mcp-scan auto-discovers agent configurations (Claude, Cursor, Windsurf, Gemini CLI) and scans MCP servers, skills, and harnesses for 15+ risk categories including prompt injection, tool poisoning, tool shadowing, and toxic flows. Rebranded Snyk Agent Scan; v0.5.12 released June 2026.
Agent runtime governance — EDR for AI agents. Guardion governs every agent command, tool call, and data access inline: a security gateway, runtime guardrails, DLP, and detection & incident response for AI agents.
sub-130ms guardrails latency • 96.3 F1 on the Prompt Security Leaderboard with 0.02% false positives • 50M+ agent actions protected per month
A GenAI-first platform focused on protecting LLM interactions, offering a secured gateway, browser integrations, and specialized protection for AI agents via MCP.
Designed to protect AI agents and Model Context Protocol (MCP) workflows through automated discovery, red teaming, and guardrails.
Snyk acquired Zurich-based Invariant Labs in June 2025, folding the research team that coined 'tool poisoning' and 'MCP rug pulls' into Snyk Labs. Invariant's mcp-scan lineage lives on in the open-source Snyk Agent Scan, detecting 15+ risks across MCP servers and agent skills, and feeds Evo by Snyk, its agentic security orchestration platform launched October 2025.
Created by ETH Zurich spin-off Invariant Labs and maintained by Snyk since its June 2025 acquisition, mcp-scan auto-discovers agent configurations (Claude, Cursor, Windsurf, Gemini CLI) and scans MCP servers, skills, and harnesses for 15+ risk categories including prompt injection, tool poisoning, tool shadowing, and toxic flows. Rebranded Snyk Agent Scan; v0.5.12 released June 2026. It is categorized under Agent & MCP Security in the Guardion AI Security Index.
mcp-scan was acquired by Snyk. Created by ETH Zurich spin-off Invariant Labs and maintained by Snyk since its June 2025 acquisition, mcp-scan auto-discovers agent configurations (Claude, Cursor, Windsurf, Gemini CLI) and scans MCP servers, skills, and harnesses for 15+ risk categories including prompt injection, tool poisoning, tool shadowing, and toxic flows
Yes. mcp-scan (Snyk Agent Scan) has an open-source core (https://github.com/invariantlabs-ai/mcp-scan); pricing model: Free / Open Source (Snyk API token required).
Teams evaluating mcp-scan (Snyk Agent Scan) most often compare it with Lasso Security, Akto, Snyk (Invariant Labs), and GuardionAI — all listed under Agent & MCP Security.
mcp-scan (Snyk Agent Scan) focuses on mcp security scanning, while GuardionAI is an agent runtime governance platform ("EDR for AI agents") that governs every agent tool call inline with sub-130ms guardrails latency.
Last reviewed: 2026-07-03
Sources: github.com · invariantlabs.ai