Your engineers are connecting Cursor, Claude Code, Copilot, and ChatGPT to GitHub, databases, internal APIs, and third-party services through MCP. Each connection is a configuration change that security never reviews, and most of them you don’t know about. Golf Scanner is a free, open-source CLI that discovers every MCP server across every IDE, classifies each one, and tells you which are risky.

What Is Golf Scanner

Golf Scanner is the open-source edition of Golf Inventory. It scans your environment and gives you a complete inventory of every MCP server — discovered, classified, and risk-scored:
  1. Discovers every MCP server configuration across 7 IDEs
  2. Classifies each server by type (package manager, container, binary, script, HTTP)
  3. Runs 20 security checks against each server
  4. Produces a 0–100 risk score so you know where to start
It’s a single static binary. Pure Go, 3 dependencies, zero telemetry, no account required.

Why It Exists

Engineering teams spun up MCP servers for GitHub, Jira, Postgres, Salesforce. Each through a different approval path — or no approval at all. Your guidelines say “maintain an agent registry.” The registry doesn’t exist. Your auditor asks for a complete record of AI agent interactions with sensitive data. You can’t produce one. Your current tools don’t capture MCP traffic. Your SIEM sees nothing. Golf Scanner exists because you can’t govern what you can’t see. It gives you the inventory — every MCP server across every IDE, every machine, every team. Including the ones nobody told you about.

How It Works

Golf Scanner operates in two phases:
  1. Scan phase: Reads IDE configuration files (JSONC-aware), discovers project-level configs via workspace storage, enumerates servers with their transport type, commands, and arguments
  2. Audit phase: Classifies each server, runs applicable checks (offline first, then online), computes severity-weighted risk scores with hard caps
Online checks query OSV.dev, the GitHub API, npm, PyPI, deps.dev, OCI registries, and the MCP Registry. Those lookups necessarily send the package names, image references and repository identifiers found in your configs to each service, so use --offline to skip them on air-gapped hosts or wherever that outbound traffic is not acceptable; the offline checks still run.
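As an added illustration of the scan phase (this is not Golf Scanner's code; the scanner's internals are not on this page), here is a small Go program that strips JSONC comments and trailing commas, parses a constructed config in the `mcpServers` shape that Claude Code and Cursor project files use, and classifies each entry into the five types listed above. The sample config, the command heuristics in `Classify`, and the assumption that every IDE uses the `mcpServers` key are mine; Golf itself does the JSONC step with hujson, as the Key Properties below note.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"sort"
	"strings"
)

// Constructed JSONC sample in the "mcpServers" shape that Claude Code and
// Cursor project configs use. Servers, paths and values are made up.
const sampleConfig = `{
  // project-level MCP config (constructed sample)
  "mcpServers": {
    "github":   { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"] },
    "postgres": { "command": "docker", "args": ["run", "-i", "--rm", "mcp/postgres:1.2.0"], }, /* trailing comma */
    "docs":     { "type": "http", "url": "https://docs.internal.example/mcp" },
    "local":    { "command": "/opt/tools/mcp-fs", "args": ["--root", "/srv"] },
  },
}`

// Server is one enumerated MCP server; Kind is one of the five types the page lists.
type Server struct {
	Name, Kind, Command, URL string
	Args                     []string
	Env                      map[string]string
}

// StripJSONC removes // and /* */ comments and trailing commas so that encoding/json,
// which accepts neither, can parse the file. Markers inside string literals are kept.
func StripJSONC(src string) string {
	out := make([]byte, 0, len(src))
	inStr, esc := false, false
	for i := 0; i < len(src); i++ {
		c := src[i]
		switch {
		case inStr:
			out = append(out, c)
			if esc {
				esc = false
			} else if c == '\\' {
				esc = true
			} else if c == '"' {
				inStr = false
			}
		case c == '"':
			inStr = true
			out = append(out, c)
		case c == '/' && i+1 < len(src) && src[i+1] == '/':
			for i < len(src) && src[i] != '\n' {
				i++
			}
			out = append(out, '\n')
		case c == '/' && i+1 < len(src) && src[i+1] == '*':
			if end := strings.Index(src[i+2:], "*/"); end >= 0 {
				i += end + 3
			} else {
				i = len(src)
			}
		case c == '}' || c == ']':
			// a comma right before this closer (ignoring whitespace) is a trailing comma
			j := len(out)
			for j > 0 && strings.IndexByte(" \t\r\n", out[j-1]) >= 0 {
				j--
			}
			if j > 0 && out[j-1] == ',' {
				out = append(out[:j-1], out[j:]...)
			}
			out = append(out, c)
		default:
			out = append(out, c)
		}
	}
	return string(out)
}

// Classify maps a server to a type from its transport or command (heuristics are ours).
func Classify(typ, command, url string) string {
	base := filepath.Base(command)
	switch {
	case url != "" || typ == "http" || typ == "sse":
		return "http"
	case base == "npx" || base == "bunx" || base == "uvx" || base == "pipx":
		return "package-manager"
	case base == "docker" || base == "podman":
		return "container"
	case base == "node" || base == "python" || base == "python3" || base == "sh" || base == "bash":
		return "script"
	default:
		return "binary"
	}
}

// Enumerate is the scan phase for one file: parse it and list its servers, sorted by name.
func Enumerate(jsonc string) ([]Server, error) {
	var cfg struct {
		MCPServers map[string]struct {
			Type, Command, URL string
			Args               []string
			Env                map[string]string
		} `json:"mcpServers"`
	}
	if err := json.Unmarshal([]byte(StripJSONC(jsonc)), &cfg); err != nil {
		return nil, err
	}
	var out []Server
	for name, r := range cfg.MCPServers {
		out = append(out, Server{Name: name, Kind: Classify(r.Type, r.Command, r.URL),
			Command: r.Command, URL: r.URL, Args: r.Args, Env: r.Env})
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Name < out[j].Name })
	return out, nil
}

func main() {
	servers, err := Enumerate(sampleConfig)
	if err != nil {
		panic(err)
	}
	for _, s := range servers {
		fmt.Printf("%-9s %-16s %s %s%s\n", s.Name, s.Kind, s.Command, strings.Join(s.Args, " "), s.URL)
	}
}
```

The comment stripper is string-aware on purpose: an MCP URL such as `https://host/path` contains `//`, and a naive regex would truncate it. A real scanner would walk every IDE's config locations and workspace storage rather than one string, but the per-file logic is the same.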
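The audit phase, as an added example that is not Golf's code: four illustrative offline checks (unpinned package, inline secret in `env`, plaintext HTTP URL, privileged container) run over constructed server records of the kind a scan phase would produce, and a severity-weighted score that is hard-capped at 100. The check names, severities, weights and cap value are assumptions; the page does not list Golf's 20 checks or its weights.

```go
package main

import (
	"fmt"
	"strings"
)

// Server is the record a scan phase hands to the audit phase (field set assumed).
type Server struct {
	Name, Kind, URL string
	Args            []string
	Env             map[string]string
}

// Finding is one check result. Check names and severities are illustrative.
type Finding struct{ Check, Severity string }

// Report is one server's findings and capped score.
type Report struct {
	Findings []Finding
	Score    int
}

// Assumed severity weights and hard cap; the page does not publish Golf's values.
var weight = map[string]int{"critical": 40, "high": 25, "medium": 10, "low": 5}

const hardCap = 100

// Constructed servers standing in for scan output. Nothing here is real.
var sampleServers = []Server{
	{Name: "github", Kind: "package-manager", Args: []string{"-y", "@modelcontextprotocol/server-github"},
		Env: map[string]string{"GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_SAMPLE_NOT_A_REAL_TOKEN"}},
	{Name: "postgres", Kind: "container", Args: []string{"run", "-i", "--rm", "--privileged", "mcp/postgres:1.2.0"}},
	{Name: "docs", Kind: "http", URL: "http://docs.internal.example/mcp"},
	{Name: "local", Kind: "binary", Args: []string{"--root", "/srv"}, Env: map[string]string{"API_TOKEN": "${API_TOKEN}"}},
}

// OfflineChecks runs four illustrative checks that need no network access.
func OfflineChecks(s Server) []Finding {
	var f []Finding
	if s.Kind == "package-manager" {
		for _, a := range s.Args {
			if strings.HasPrefix(a, "-") {
				continue // flags such as -y precede the package spec
			}
			// pinned specs look like pkg@1.2.3, @scope/pkg@1.2.3 or pkg==1.2.3
			if len(a) < 2 || (!strings.Contains(a[1:], "@") && !strings.Contains(a, "==")) {
				f = append(f, Finding{"unpinned-package", "high"})
			}
			break // only the first non-flag argument is the package spec
		}
	}
	for k, v := range s.Env {
		ku := strings.ToUpper(k)
		secretish := strings.Contains(ku, "TOKEN") || strings.Contains(ku, "SECRET") || strings.Contains(ku, "PASSWORD")
		if secretish && v != "" && !strings.HasPrefix(v, "${") { // ${VAR} references are fine
			f = append(f, Finding{"inline-secret", "critical"})
		}
	}
	if strings.HasPrefix(s.URL, "http://") && !strings.HasPrefix(s.URL, "http://localhost") &&
		!strings.HasPrefix(s.URL, "http://127.") {
		f = append(f, Finding{"plaintext-http", "high"})
	}
	for _, a := range s.Args {
		if a == "--privileged" || strings.Contains(a, "/var/run/docker.sock") {
			f = append(f, Finding{"privileged-container", "critical"})
			break
		}
	}
	return f
}

// Score is the severity-weighted sum of findings, hard-capped at hardCap.
func Score(findings []Finding) int {
	total := 0
	for _, f := range findings {
		total += weight[f.Severity]
	}
	if total > hardCap {
		return hardCap
	}
	return total
}

// Audit runs the checks over every server and keys the reports by server name.
func Audit(servers []Server) map[string]Report {
	out := make(map[string]Report, len(servers))
	for _, s := range servers {
		f := OfflineChecks(s)
		out[s.Name] = Report{Findings: f, Score: Score(f)}
	}
	return out
}

func main() {
	reports := Audit(sampleServers)
	for _, s := range sampleServers {
		r := reports[s.Name]
		fmt.Printf("%-9s %-16s score=%3d", s.Name, s.Kind, r.Score)
		for _, f := range r.Findings {
			fmt.Printf(" %s(%s)", f.Check, f.Severity)
		}
		fmt.Println()
	}
}
```

The cap matters for triage: a server with many medium findings should not outrank one with a single inline credential, and a server with three criticals should read as "100", not "120". Online checks (known-vulnerable versions via OSV.dev, unsigned or stale images, unknown registry entries) would append further findings to the same list before scoring.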

Key Properties

  • Single binary — no runtime dependencies, no installation beyond the binary itself
  • 3 Go dependencies — lipgloss (terminal styling), hujson (JSONC parsing), term (TTY detection)
  • 7 IDEs supported — Claude Code, Cursor, VS Code, Windsurf, Gemini CLI, Kiro, Antigravity
  • 20 security checks — 9 run offline, 11 query external APIs
  • Zero account — no signup, no telemetry, no phone-home
  • Fleet scanning — run as root to scan all user home directories

From Discovery to Full MCP Governance

Golf Scanner gives you visibility — a complete inventory of every MCP server in your environment. But discovery is only the first step. When your auditor asks “who authorized these connections?” or “what data flowed through them?” — you need more than a scan. Golf extends discovery into full governance:
  • Golf Inventory — the full scanner product inside Golf Control Plane. Continuous MCP discovery, always up to date, not a point-in-time scan
  • Golf Gateway — policy enforcement per server, per team, per data type. PII redaction. Tool-level RBAC
  • Immutable audit trail — every MCP connection logged. Pre-mapped to SOC 2, ISO 27001, NIST AI RMF
  • Works with every AI tool — Cursor, Claude Code, Copilot, ChatGPT — without changing developer workflows

Explore Golf

Govern every MCP connection — audit, enforce, and protect across your entire organization

Next Steps