mcp-server-security-review
OfficialAudit MCP servers before you trust them.
Software Engineering#github#security audit#mcp#security review#least privilege#credential handling#data exposure
Authorwebrix-ai
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you quickly assess whether an MCP server is safe to install by surfacing security risks in credentials, data handling, permissions, and transport.
Core Features & Use Cases
- Security Posture Review: Scores the server across credential handling, data exposure, permission scope, transport security, code quality, and documentation.
- Vulnerability Checks: Looks for hardcoded secrets, injection risks, path traversal, excessive permissions, missing validation, and vulnerable dependencies.
- Use Case: A security team can review a new GitHub-hosted MCP server before approving it for internal use and decide whether it is safe, conditional, or rejected.
Quick Start
Ask the Skill to review an MCP server repository, describe its transport and intended use, and produce a security report with findings and remediation steps.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: mcp-server-security-review Download link: https://github.com/webrix-ai/agent-skills/archive/main.zip#mcp-server-security-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.