auditing-mcp-server-pre-trust
CommunityAudit MCP servers before you trust them
Authorrocklambros
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill prevents risky MCP servers from being added to Claude Code by forcing a disciplined pre-trust review before installation or registration.
Core Features & Use Cases
- License verification: Checks whether the repository has a permissive, explicit license suitable for redistribution and use.
- Source and supply-chain review: Evaluates commit history, contributor patterns, suspicious code, and other red flags that can indicate compromise or hidden behavior.
- Network and secret safety: Identifies outbound connections, telemetry, version-pin issues, and unsafe secret handling before the MCP is trusted.
- Least-privilege tool review: Reviews the tool surface exposed by the MCP and flags oversized or destructive permissions.
- Use Case: A security engineer asks whether a community GitHub MCP should be added to a Claude Code workspace and needs a clear integrate, constrain, or reject decision.
Quick Start
Ask me to audit the MCP server you want to add and return the per-check verdicts, blocking issues, and final recommendation.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: auditing-mcp-server-pre-trust Download link: https://github.com/rocklambros/rcs/archive/main.zip#auditing-mcp-server-pre-trust Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.