ai-mcp-audit

Solid

Audits MCP servers and skills on demand using LLM coherence analysis to catch capability drift and rug-pulls. Trigger for 'audit this skill', 'is this MCP safe', 'check coherence', 'detect rug-pull', 'snapshot baseline', 'mcp audit'. Three modes: scan (declared-vs-observed), audit-update (post-update diff), baseline set (anchor known-good). Not for runtime payload inspection; use prompt-injection-guard hook instead. Not for CVE scanning; use /ai-security instead.

AI & Automation 52 stars 3 forks Updated 4 days ago MIT

Install

View on GitHub

Quality Score: 89/100

Stars 20%
57
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
80
License 10%
100
Description 5%
100

Skill Content

# MCP Audit — On-Demand Skill & MCP Server Security Audit ## Quick start ``` /ai-mcp-audit scan # coherence analysis (all surfaces) /ai-mcp-audit scan --target <skill-name> # scoped scan (cost-saving) /ai-mcp-audit audit-update <skill-name> # rug-pull detection vs baseline /ai-mcp-audit baseline set --target all # anchor known-good snapshot ``` ## Workflow Cold-path LLM-driven security audit (spec-107 D-107-08). Three modes: 1. **Coherence analysis** — declared `description` vs observed code behavior. 2. **Rug-pull detection** — diff post-update files against trusted baseline. 3. **Baseline anchoring** — tamper-evident reference for future audits. Counterpart to **hot-path** runtime control: - **Hot path (Capa 1)** — `prompt-injection-guard.py` PreToolUse hook, $0 cost, deterministic IOC matching, immune to prompt injection of payload (D-107-06). - **Cold path (Capa 2, this skill)** — on-demand LLM analysis. Apt for post-install review, pre-merge audit. Does NOT replace `/ai-security` (CVE/SBOM), `/ai-governance` (compliance), `/ai-verify` (quality). ## When to Use - After installing a new skill or MCP server (`scan`). - After updating an existing skill, especially auto-update (`audit-update <skill>`). - After fresh-cloning or anchoring known-good state (`baseline set`). - Before merging PRs touching `.agents/skills/`, `.codex/skills/`, `.agents/skills/`, `.github/skills/`. - NOT for runtime payload inspection (use prompt-injection...

Details

Author
arcasilesgroup
Repository
arcasilesgroup/ai-engineering
Created
4 months ago
Last Updated
4 days ago
Language
Python
License
MIT

Integrates with

Model Context Protocol · AI

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

daily-supply-chain-audit

Run a comprehensive daily security audit of all installed MCP servers, Claude Code skills, agent configs, and AI CLI tooling. Detects supply chain attacks, tool-name shadowing, malicious skills, configuration drift, missing CVE patches, and untrusted package versions. Use this skill EVERY MORNING before starting work, on demand when installing a new MCP/skill, or after pulling Walter-OS updates. ALSO trigger when the user asks "is my agent setup safe", "audit my MCPs", "check for vulnerabilities", "any new CVEs", or mentions concerns about supply chain, tool poisoning, prompt injection, or malicious skills.

5 Updated today
Xipher-Labs
AI & Automation Listed

mcp-audit

Audit the project's configured MCP servers against the trust allowlist (.claude/mcp-allowlist.txt) that .claude/hooks/mcp-gate.sh enforces. Lists each configured server, flags servers that are NOT allowlisted (so their tool calls would be blocked or, if the gate is off, run untrusted), and surfaces prompt-injection / supply-chain risk. Use when adding or reviewing MCP servers, before turning on the gate, or when an mcp__* tool call was blocked. Do NOT use to install MCP servers or to run their tools.

1 Updated 4 days ago
tansuasici
AI & Automation Listed

mcp-security-auditor

On-demand audit of MCP usage. Reads .aura/security/mcp-audit.jsonl, surfaces blocked calls, rate-limit hits, suspicious input patterns. Companion to mcp-call-gate hook (which produces the audit log).

19 Updated 2 days ago
nguyenthienthanh