MSMCPScan

Secure Audit Intake

MCPScan reviews should start with sanitized configuration whenever possible. Do not send production credentials, active API keys, customer data, private source code, or sensitive files through public GitHub issues or ordinary email.

Safe To Send First

Do Not Send Publicly

Private Handoff Path

After purchase, MCPScan will confirm a private handoff path before reviewing sensitive material. Preferred options are a customer-owned private repository, a customer-owned shared folder, or an encrypted archive with the password sent through a separate channel.

If sensitive material is accidentally submitted through a public channel, MCPScan will pause intake, ask for rotation/redaction as needed, and continue only from a sanitized replacement.

Minimum Intake Package

Start intake Privacy notes Terms