mcp-security-audit

Solid

Audit MCP (Model Context Protocol) server configurations for security issues. Use this skill when:

- Reviewing .mcp.json files for security risks
- Checking MCP server args for hardcoded secrets or shell injection patterns
- Validating that MCP servers use pinned versions (not @latest)
- Detecting unpinned dependencies in MCP server configurations
- Auditing which MCP servers a project registers and whether they're on an approved list
- Checking for environment variable usage vs. hardcoded credentials in MCP configs
- Any request like "is my MCP config secure?", "audit my MCP servers", or "check .mcp.json"

keywords: [mcp, security, audit, secrets, shell-injection, supply-chain, governance]

AI & Automation 34,887 stars 4287 forks Updated today MIT


Quality Score: 93/100

| Factor | Weight | Score |
|---|---|---|
| Stars | 20% | 100 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 50 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# MCP Security Audit

Audit MCP server configurations for security issues — secrets exposure, shell injection, unpinned dependencies, and unapproved servers.

## Overview

MCP servers give agents direct tool access to external systems. A misconfigured `.mcp.json` can expose credentials, allow shell injection, or connect to untrusted servers. This skill catches those issues before they reach production.

```
.mcp.json → Parse Servers → Check Each Server:
  1. Secrets in args/env?
  2. Shell injection patterns?
  3. Unpinned versions (@latest)?
  4. Dangerous commands (eval, bash -c)?
  5. Server on approved list?
→ Generate Report
```

## When to Use

- Reviewing any `.mcp.json` file in a project
- Onboarding a new MCP server to a project
- Auditing all MCP servers in a monorepo or plugin marketplace
- Pre-commit checks for MCP configuration changes
- Security review of agent tool configurations

---

## Audit Check 1: Hardcoded Secrets

Scan MCP server args and env values for hardcoded credentials.

```python
import json
import re
from pathlib import Path

SECRET_PATTERNS = [
    (r'(?i)(api[_-]?key|token|secret|password|credential)\s*[:=]\s*["\'][^"\']{8,}', "Hardcoded secret"),
    (r'(?i)Bearer\s+[A-Za-z0-9\-._~+/]+=*', "Hardcoded bearer token"),
    (r'(?i)(ghp_|gho_|ghu_|ghs_|ghr_)[A-Za-z0-9]{30,}', "GitHub token"),
    (r'sk-[A-Za-z0-9]{20,}', "OpenAI API key"),
    (r'AKIA[0-9A-Z]{16}', "AWS access key"),
    (r'-----BEGIN\s+(RSA\s+)?PRIVATE\s+KEY-----', "Private key")...
```
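The five checks in the overview diagram, carried through end to end as an added illustration (not the skill's own code): the sample `.mcp.json`, the approved-server set and the reduced pattern list are constructed for this example, and `audit_mcp_config` is a hypothetical function name.

```python
import json
import re

# Constructed sample .mcp.json: one clean server and one with every class of issue.
SAMPLE_MCP_JSON = """{
  "mcpServers": {
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github@0.6.2"],
      "env": {"GITHUB_TOKEN": "${GITHUB_TOKEN}"}
    },
    "shady": {
      "command": "bash",
      "args": ["-c", "npx some-mcp@latest $(cat /etc/hostname)"],
      "env": {"AWS_KEY": "AKIAIOSFODNN7EXAMPLE"}
    }
  }
}"""

SECRET_PATTERNS = [  # subset of the skill's pattern list
    (r"(?i)(ghp_|gho_|ghu_|ghs_|ghr_)[A-Za-z0-9]{30,}", "GitHub token"),
    (r"sk-[A-Za-z0-9]{20,}", "OpenAI API key"),
    (r"AKIA[0-9A-Z]{16}", "AWS access key"),
]
SHELL_META = re.compile(r"[;`|&]|\$\(")                 # chaining, pipes, command substitution
SHELL_WRAPPERS = {"bash", "sh", "zsh", "eval"}          # interpreters that run an arbitrary string
ENV_REF = re.compile(r"^\$\{?[A-Z_][A-Z0-9_]*\}?$")     # ${VAR}: value is injected at runtime
SCOPED_NO_VERSION = re.compile(r"^@[\w.-]+/[\w.-]+$")   # @scope/pkg with no @version suffix

def audit_mcp_config(text, approved):
    """Return (server, check, detail) findings for a .mcp.json document."""
    findings = []
    for name, cfg in json.loads(text).get("mcpServers", {}).items():
        args = [str(a) for a in cfg.get("args", [])]
        env = {k: str(v) for k, v in cfg.get("env", {}).items()}
        # 1. Secrets: credential-shaped strings anywhere, or env values that are not ${VAR} refs.
        for blob in args + list(env.values()):
            findings += [(name, "secret", lbl) for pat, lbl in SECRET_PATTERNS if re.search(pat, blob)]
        findings += [(name, "literal-env", k) for k, v in env.items() if v and not ENV_REF.match(v)]
        # 2./3. Shell metacharacters and unpinned package specs inside args.
        findings += [(name, "shell-injection", a) for a in args if SHELL_META.search(a)]
        findings += [(name, "unpinned", a) for a in args if "@latest" in a or SCOPED_NO_VERSION.match(a)]
        # 4. An interpreter with -c (or eval) executes whatever string follows it.
        command = str(cfg.get("command", ""))
        if command in SHELL_WRAPPERS and (command == "eval" or "-c" in args):
            findings.append((name, "dangerous-command", command))
        # 5. Governance: only servers on the approved list may be registered.
        if name not in approved:
            findings.append((name, "unapproved", name))
    return findings
```

Running `audit_mcp_config(SAMPLE_MCP_JSON, {"github"})` yields no findings for `github` and six for `shady`, one per check plus the literal env value.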

Details

Author
github
Repository
github/awesome-copilot
Created
1 year ago
Last Updated
today
Language
Python
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

mcp-audit

Audit the project's configured MCP servers against the trust allowlist (.claude/mcp-allowlist.txt) that .claude/hooks/mcp-gate.sh enforces. Lists each configured server, flags servers that are NOT allowlisted (so their tool calls would be blocked or, if the gate is off, run untrusted), and surfaces prompt-injection / supply-chain risk. Use when adding or reviewing MCP servers, before turning on the gate, or when an mcp__* tool call was blocked. Do NOT use to install MCP servers or to run their tools.

1 Updated 4 days ago
tansuasici
AI & Automation Solid

ai-mcp-audit

Audits MCP servers and skills on demand using LLM coherence analysis to catch capability drift and rug-pulls. Trigger for 'audit this skill', 'is this MCP safe', 'check coherence', 'detect rug-pull', 'snapshot baseline', 'mcp audit'. Three modes: scan (declared-vs-observed), audit-update (post-update diff), baseline set (anchor known-good). Not for runtime payload inspection; use prompt-injection-guard hook instead. Not for CVE scanning; use /ai-security instead.

52 Updated 4 days ago
arcasilesgroup
AI & Automation Listed

daily-supply-chain-audit

Run a comprehensive daily security audit of all installed MCP servers, Claude Code skills, agent configs, and AI CLI tooling. Detects supply chain attacks, tool-name shadowing, malicious skills, configuration drift, missing CVE patches, and untrusted package versions. Use this skill EVERY MORNING before starting work, on demand when installing a new MCP/skill, or after pulling Walter-OS updates. ALSO trigger when the user asks "is my agent setup safe", "audit my MCPs", "check for vulnerabilities", "any new CVEs", or mentions concerns about supply chain, tool poisoning, prompt injection, or malicious skills.

5 Updated today
Xipher-Labs