MCP-Security-Review
by Ifásola
Specialized static security scanner for MCP servers and Python tool handlers to prevent injection and data leaks.
- Audit MCP servers before publishing to public registries
- Detect command injection risks in AI tool handlers
- Identify SSRF vulnerabilities in tools that fetch external URLs
$5 · or 25 credits (secure checkout via Stripe)
Included in download
- Audit MCP servers before publishing to public registries
- Detect command injection risks in AI tool handlers
- Terminal and network automation included
- Pure Python 3 stdlib, no dependencies
- Instant install
Sample input
Run a security audit on my new sqlite-mcp-server to make sure there are no injection or path traversal vulnerabilities.
Sample output
[HIGH] SQL Injection Found
- File: server.py:42
- Code: db.execute(f"SELECT * FROM logs WHERE id = {tool_input}")
- Fix: Use parameterized queries: db.execute("SELECT * FROM logs WHERE id = ?", (tool_input,))
[MED] Path Traversal Risk
- File: files.py:12
- Manual Check: Ensure base_path is sanitized.
About This Skill
What it does
This skill provides a specialized security audit for Model Context Protocol (MCP) servers and Python-based tool servers. It performs a targeted static analysis focused specifically on the "input-to-sink" path—where AI-generated or user-controlled input meets dangerous system functions.
Why use this skill
AI tools are uniquely vulnerable because they often bridge the gap between natural language and local system execution. Standard scanners often miss the nuances of MCP tool handlers. This skill prioritizes findings in tool-definition files and identifies high-risk patterns like command injection, SSRF, and unsafe deserialization that could lead to full system compromise if an agent is manipulated.
Supported checks
- Injection: Command, Code, SQL, and Server-Side Template Injection.
- Data Safety: Unsafe deserialization (pickle/yaml) and path traversal.
- Network: SSRF via outbound HTTP calls to input-derived URLs.
- Secrets: Scanning for hardcoded credentials or accidental logging of sensitive data.
The output provides a prioritized list of vulnerabilities with exact file paths, line numbers, and actionable remediation steps, followed by a custom manual review checklist for the tool's architecture.
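As an added illustration of the input-to-sink analysis described above (example code written for this page, not the skill's own implementation): a minimal stdlib-only AST scanner that treats every tool-handler parameter as model-controlled input, follows it through simple assignments, and flags sink calls whose first argument is built from it, while leaving a parameterized query and an argv-list subprocess call unflagged. The sink table, the sample handler source and the shell=True rule are assumptions of the example.

```python
import ast
SINKS = {  # sink table constructed for this example; not the skill's own ruleset
    "execute": ("HIGH", "SQL Injection"), "os.system": ("HIGH", "Command Injection"),
    "subprocess.run": ("HIGH", "Command Injection"), "eval": ("HIGH", "Code Injection"),
    "pickle.loads": ("HIGH", "Unsafe Deserialization")}
def callee_name(func):  # dotted callee name, e.g. 'db.execute' or 'subprocess.run'
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        base = callee_name(func.value)
        return f"{base}.{func.attr}" if base else func.attr
    return ""
def sink_for(name):  # 'db.execute' matches the 'execute' sink by dotted suffix
    return next((f for k, f in SINKS.items() if name == k or name.endswith("." + k)), None)

def is_tainted(node, tainted):  # does any Name in the expression derive from a handler parameter?
    return any(isinstance(n, ast.Name) and n.id in tainted for n in ast.walk(node))

def scan_source(src, filename="server.py"):
    """Report sink calls whose first argument is built from handler parameters."""
    findings = []
    for fn in ast.walk(ast.parse(src)):
        if not isinstance(fn, ast.FunctionDef):
            continue
        tainted = {a.arg for a in fn.args.args}  # handler params are model-controlled input
        for node in ast.walk(fn):
            if (isinstance(node, ast.Assign) and len(node.targets) == 1
                    and isinstance(node.targets[0], ast.Name) and is_tainted(node.value, tainted)):
                tainted.add(node.targets[0].id)  # simple intra-function propagation
            if not isinstance(node, ast.Call) or not node.args:
                continue
            finding, arg = sink_for(callee_name(node.func)), node.args[0]
            shell = any(k.arg == "shell" and getattr(k.value, "value", None) is True
                        for k in node.keywords)
            if finding is None or (isinstance(arg, ast.List) and not shell):
                continue  # unknown callee, or an argv list that no shell will parse
            if is_tainted(arg, tainted):  # a Constant query with bound params never matches
                findings.append(f"[{finding[0]}] {finding[1]} at {filename}:{node.lineno}")
    return findings

SAMPLE = '''import sqlite3, subprocess
def query_logs(tool_input):
    db = sqlite3.connect("logs.db")
    db.execute(f"SELECT * FROM logs WHERE id = {tool_input}")     # line 4: flagged
    db.execute("SELECT * FROM logs WHERE id = ?", (tool_input,))  # line 5: parameterized
def list_dir(path):
    subprocess.run(["ls", path])                                  # line 7: argv list
    subprocess.run("ls " + path, shell=True)                      # line 8: flagged
'''  # constructed sample handler source; reported line numbers refer to this string
```

Running scan_source(SAMPLE) reports the f-string query on line 4 and the shell=True command on line 8 only; like the skill itself, this is a static heuristic that shows where input reaches a sink, not proof that the path is exploitable.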
Use Cases
- Audit MCP servers before publishing to public registries
- Detect command injection risks in AI tool handlers
- Identify SSRF vulnerabilities in tools that fetch external URLs
- Find hardcoded secrets or sensitive data exposure in server logs
Known Limitations
- Static analysis only: does not prove exploitability.
- No dynamic tracing for complex data flows.
- Focused on Python: will not scan JS-based MCP servers.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/mcp-security-review -o /tmp/mcp-security-review.zip && unzip -o /tmp/mcp-security-review.zip -d ~/.claude/skills && rm /tmp/mcp-security-review.zip
Free skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet.
Security Scanned
Passed automated security review
Tags
Pure Python 3 stdlib, no dependencies.