Live data report
The State of MCP Exposure
AI agents talk to your systems over the Model Context Protocol. When an MCP server runs without authentication, any agent - or any stranger - can list and often call its tools. This page tracks how exposed that surface really is, using real scans, updated hourly.
Vysiro data collection is live. Domains are never stored - only anonymized counts.
What Vysiro is seeing
Early data. We publish percentages only after 30 servers have been checked, so an early sample can't produce a misleading headline number. So far: 0 checked, 0 with an MCP endpoint, 0 unauthenticated. Run the free checker below to add your domain to the count.
Methodology: each figure is a tally of real scans run through the Vysiro MCP Exposure Checker. A domain is counted once per check; only booleans are stored (endpoint found, auth required, llms.txt present, leak found). No hostnames, no named servers.
Unauthenticated = anyone can call your tools
An MCP server with no auth lets any client enumerate every tool and, in many cases, execute them - read files, hit internal APIs, move data. It's an open door with your agent's permissions.
llms.txt is read by assistants - and by attackers
Teams paste internal URLs and, occasionally, live keys into llms.txt. AI assistants ingest and repeat it. A leaked secret here is a secret in every model's context.
The wider picture (2026)
Independent researchers spent 2026 measuring this surface. These figures are theirs, cited in full - context for why we started tracking it.
MCP servers found exposed on the public internet (Feb 2026).
Backslash / industry scansof scanned MCP servers had no authentication at the protocol level.
AISecHub, MCP's First Yearof ~7,000 MCP servers were potentially vulnerable to SSRF.
BlueRock Securityof organizations feel prepared to secure agentic AI applications.
Cisco State of AI Security 2026Is your AI surface exposed?
Check your domain in seconds. Free, no signup, and your result joins this anonymized count so the picture keeps getting sharper.
Check my domain