
Try Snyk’s Latest Innovations in AI Security

Identify your AI models, test your AI systems against attacks, and scan your MCPs

Snyk customers now have access to Snyk AI-BOM, Snyk AI Red Teaming, and Snyk MCP-Scan in experimental preview – with more to come!

A close-up of a terminal window showing the command $ snyk aibom and its resulting JSON output, which is an AI Bill of Materials in the CycloneDX format.

Snyk AI-BOM

Identify your AI models, datasets, MCPs, and more. Map your entire AI supply chain across all your apps with Snyk’s AI Bill of Materials – available in both our CLI and as an API.

Start with this command:

$ snyk aibom --experimental [<OPTION>]

Available for Python projects using Snyk CLI v1.1298.3 (or later).

You can also use the Snyk AI-BOM API.


Snyk AI Red Teaming

Continuously test your AI systems against real-world attack scenarios.

Snyk’s AI Automated Red Teaming simulates adversarial attacks on your models and agents to uncover vulnerabilities before attackers do, including prompt injections, data exfiltration, jailbreaks, and tool misuse.

Start with this command:

snyk redteam --experimental --config [<target-config-file-path>]

Generates a structured report of all discovered vulnerabilities, including severity and evidence.


A command-line tool called "mcp-scan" analyzing a server's tools. The scan flags a prompt injection error, a tool description warning, and two "toxic flow" warnings for a potential data leak and destructive action.

Snyk MCP-Scan

MCP-Scan is an open-source tool for analyzing Model Context Protocol (MCP) setups. It automatically discovers MCP configurations (e.g., Claude, Cursor, Windsurf) and scans their servers and tools for common security issues such as prompt injection, tool poisoning, toxic flows, and other vulnerabilities.

Start with these commands:

uvx mcp-scan@latest

Scans your installed servers for security vulnerabilities in tools, prompts, and resources (automatically discovers MCP configs, including Claude, Cursor, Windsurf, etc.).

mcp-scan ~/.vscode/mcp.json

Scans a particular MCP server configuration. For example, a VS Code MCP config.

Sign up for updates

Join Snyk Labs in leading AI security innovation

Sign up today and be part of building a more secure AI-native tomorrow.

Follow the Snyk Labs journey to:

  • Get exclusive updates on the development of future security solutions being incubated by Snyk Labs. 

  • Be the first to know about our latest research findings and security insights for AI-native applications.

  • Apply to co-build an incubation if you’d like to partner with Snyk Labs.
