MCP Server Dev Kit — Build a Secure MCP Server & Audit It Before You Ship
Everything you need to build a Model Context Protocol server and ship it safely, in one kit. Scaffold a spec-compliant MCP server with the right transport, auth, and tool schemas; audit your server and tool definitions for agentic-security risks before the server goes live; and tighten the AGENTS.md / agent-config that drives it. Build → secure → configure — the full path from empty repo to a server you can trust in production. Save about 20% versus buying the three skills separately.
You save $11 vs buying individually.
What's included (3 skills)
Scaffold a secure, spec-compliant MCP server from a description of the tools you want to expose. Sets up the official SDK (TypeScript or Python/FastMCP), defines tools/resources/prompts with strict JSON Schema, wires the right transport (stdio or Streamable HTTP), adds OAuth 2.1 for remote servers, and hardens against the MCP-specific footguns — prompt injection via tool output, token passthrough, over-broad scopes, command/path/SSRF injection, leaked secrets — before it ships. Returns a runnable skeleton plus a security checklist. Built by someone who's shipped production MCP servers.
An adversarial gate that audits an MCP server or agent tool definition — schemas, descriptions, scopes, auth — for tool poisoning, excessive agency, injectable descriptions, and missing access controls, then returns one SAFE/REVIEW/BLOCK verdict.
An adversarial reviewer for AGENTS.md and agent instruction files. It flags ambiguous or contradictory rules, missing guardrails, vague tool and scope definitions, and untestable instructions, then returns a PASS / REVISE / BLOCK verdict — before the config drives your agent.