MCP Dev Summit Bengaluru 2026

Most "MCP security scanners" are wrappers around npm audit and regex keyword rules. A November 2025 research survey showed 0% detection on TypeScript servers because the underlying tools never parse the AST and two-thirds of public MCP servers ship in TypeScript.

This talk walks through building an AST pipeline using ts-morph that catches what keyword rules miss: path traversal through fs wrapper functions, command injection even when the command is assembled across intermediate variables, SSRF through aliased URL parameters, and tool handlers registered without any schema validation. The key technical contribution is multi-pass taint tracking following a user parameter through variable aliases before reaching a dangerous sink, which eliminates the false-negative class that makes regex rules useless. Audited against more than 50 MCP servers.

Attendees leave with:
(1) the open-source MCPeek ruleset to drop into CI,
(2) a decision framework for choosing SAST depth per vulnerability class,
(3) the taint-tracking pattern for building MCP-aware rules in any language.

Link to MCPeek: https://github.com/iamakash-06/MCPeek
NPM Package: https://www.npmjs.com/package/mcpeek