Permission Scope Visualizer
Understand what MCP servers can access. Visualize permission scopes, calculate attack surface scores, and compare servers side by side.
Get the CLI Tool
Run the permission visualizer locally as an MCP server, or try it online below.
npx @clinetools/permission-viz
- Analyze permission scopes of any MCP server
- Calculate attack surface scores (0-100)
- Compare two servers side by side
- Works as a standalone MCP server tool
- Zero config — just run with npx
How to Use It
Three ways to analyze MCP server permissions — pick the one that fits your workflow.
Try Online
Use the interactive demo below to explore permission scopes and compare servers — no install needed.
Use via CLI
Run as a local MCP server and connect any MCP-compatible client.
Add to Cline / Claude Code
Add the tool to your MCP settings for instant access from your AI assistant.
MCP Client Configuration
{
  "mcpServers": {
    "permission-viz": {
      "command": "npx",
      "args": ["@clinetools/permission-viz"]
    }
  }
}
Example: analyze_permissions
// Call the tool with a server name:
analyze_permissions({ server: "filesystem" })

// Output:
{
  "server": "Filesystem",
  "permissions": {
    "file_read": "granted",
    "file_write": "granted",
    "network_in": "unused",
    "network_out": "unused",
    "process_spawn": "unused",
    "env_access": "unused",
    "database": "unused",
    "browser": "unused"
  },
  "attack_surface_score": 35,
  "risk_level": "moderate",
  "granted_count": 2,
  "limited_count": 0,
  "unused_count": 6
}
Example: compare_permissions
// Compare two servers:
compare_permissions({ server_a: "filesystem", server_b: "puppeteer" })

// Output:
{
  "server_a": {
    "name": "Filesystem",
    "score": 35,
    "risk": "moderate"
  },
  "server_b": {
    "name": "Puppeteer",
    "score": 55,
    "risk": "high"
  },
  "differences": [
    { "scope": "file_read", "a": "granted", "b": "unused" },
    { "scope": "file_write", "a": "granted", "b": "unused" },
    { "scope": "network_in", "a": "unused", "b": "granted" },
    { "scope": "network_out", "a": "unused", "b": "granted" },
    { "scope": "process_spawn", "a": "unused", "b": "limited" },
    { "scope": "browser", "a": "unused", "b": "granted" }
  ],
  "recommendation": "Filesystem has a smaller attack surface (35 vs 55)"
}
Try It Online
Select an MCP server to visualize its permission scopes and attack surface score.
Side-by-Side Comparison
Pick two MCP servers to compare their permission scopes and attack surface scores.
Why Permission Scope Matters
Every permission an MCP server holds is a potential vector for exploitation. Understanding scope is your first line of defense.
Principle of Least Privilege
MCP servers should request only the minimum permissions they need. Overly broad access means a compromised server can do far more damage. Always question why a tool needs file write or network access.
Attack Surface Reduction
Each granted permission expands the attack surface. File access combined with network access enables data exfiltration. Process spawn enables arbitrary code execution. Fewer permissions mean fewer exploitable vectors.
Network Boundaries
Outbound network access enables data exfiltration. Even if a server only reads files locally, adding network-out means those files can be sent anywhere. Restrict network scopes carefully.
Credential Exposure
Servers with environment variable access can read API keys, passwords, and tokens. Combined with network access, a malicious server could harvest credentials and send them to an external endpoint.
Review Before You Approve
Before granting access, compare similar tools and choose the smallest footprint. A search tool should not need file-write. Database permissions can expose PII. Review requirements before installing any MCP server.
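The combinations described in this section (file plus network access, env access plus network access, process spawn, database) can be checked mechanically against a permissions map in the analyze_permissions output format. The JavaScript below is an added example, not code from the permission-viz tool: the rule ids, the heldScopes and reviewPermissions helpers, the expectedScopes parameter, the example-search server and the choice to count "limited" as held are assumptions.

```javascript
// Added example, not the permission-viz tool's own logic. Rule ids and the
// choice to treat "limited" as held are assumptions of this sketch.
const RULES = [
  { id: "file-exfiltration", needs: ["file_read", "network_out"],
    why: "local files can be read and sent to an external endpoint" },
  { id: "credential-exfiltration", needs: ["env_access", "network_out"],
    why: "API keys, passwords and tokens in env vars can be sent out" },
  { id: "code-execution", needs: ["process_spawn"],
    why: "process spawn enables arbitrary code execution" },
  { id: "pii-exposure", needs: ["database"],
    why: "database permissions can expose PII" },
];

// A scope counts as held unless it is exactly "unused", so "limited" and
// any unrecognised state fail closed.
function heldScopes(permissions) {
  return Object.keys(permissions).filter((s) => permissions[s] !== "unused").sort();
}

// expectedScopes: the scopes the reviewer believes the tool's purpose needs.
function reviewPermissions(report, expectedScopes) {
  const held = heldScopes(report.permissions);
  return {
    server: report.server,
    held,
    excess: held.filter((s) => !expectedScopes.includes(s)),
    findings: RULES.filter((r) => r.needs.every((s) => held.includes(s))),
  };
}

// Permissions copied from the analyze_permissions output on this page.
const filesystem = { server: "Filesystem", permissions: {
  file_read: "granted", file_write: "granted", network_in: "unused",
  network_out: "unused", process_spawn: "unused", env_access: "unused",
  database: "unused", browser: "unused" } };

// Reconstructed from the compare_permissions differences on this page.
const puppeteer = { server: "Puppeteer", permissions: {
  file_read: "unused", file_write: "unused", network_in: "granted",
  network_out: "granted", process_spawn: "limited", env_access: "unused",
  database: "unused", browser: "granted" } };

// Constructed sample: a hypothetical search tool that requests too much.
const searchTool = { server: "example-search", permissions: {
  file_read: "granted", file_write: "granted", network_in: "unused",
  network_out: "granted", process_spawn: "unused", env_access: "granted",
  database: "unused", browser: "unused" } };
console.log(reviewPermissions(filesystem, ["file_read", "file_write"]));
console.log(reviewPermissions(searchTool, ["network_out"]));
```

The excess list is the least-privilege check (scopes held beyond the stated purpose), while findings reports dangerous combinations regardless of purpose.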
Want a Full Security Audit?
Submit your MCP server for a comprehensive permission and security review by our team.