mcp-server-security
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a defensive security guide for Model Context Protocol (MCP) servers, teaching hardening techniques.
- [SAFE]: Implements transport security using TLS 1.3, HSTS, and mTLS configurations for Nginx.
- [SAFE]: Provides secure authentication and authorization patterns using OAuth 2.1, JWT, and hashed API keys.
- [SAFE]: Demonstrates tool-level access control based on user roles and explicit allowlists.
- [SAFE]: Includes input validation logic to mitigate path traversal, SQL injection, and malformed parameters.
- [SAFE]: Implements SSRF prevention via outbound URL validation and domain allowlists.
- [SAFE]: Includes rate limiting and token budget management to prevent resource exhaustion.
- [SAFE]: Provides structured audit logging with sensitive data redaction and tracing.
- [SAFE]: Recommends deployment hardening using Docker/Kubernetes security contexts and Seccomp profiles.
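Several of the listed controls (tool allowlists per role, path traversal and parameter validation, SSRF egress allowlists, rate limiting with a token budget, and redacted audit logging) can be composed into a single gate that every MCP tool call passes through. The following Python is an added example written for this page; it is not code from the audited skill, from Gen Agent Trust Hub, or from any MCP SDK. The roles, tool names, sandbox root, egress hosts, trace ID and log fields are assumptions, and the transport (TLS/mTLS) and container hardening items are deployment configuration that this block does not cover.

```python
"""Tool-call gate for an MCP server: role allowlist, argument validation,
SSRF egress allowlist, token-bucket rate limit and redacted audit log.
Added example; all roles, tools, hosts and paths below are hypothetical."""
import ipaddress
import json
import re
import time
from pathlib import Path
from urllib.parse import urlsplit

# Explicit role -> tool allowlist; anything not listed is denied (assumed roles/tools).
ROLE_TOOLS = {
    "viewer": {"read_file", "fetch_url"},
    "admin": {"read_file", "fetch_url", "run_query"},
}
SANDBOX_ROOT = Path("/srv/mcp/data").resolve()          # assumed file sandbox root
ALLOWED_HOSTS = {"api.example.com", "docs.example.com"}  # assumed egress allowlist
SENSITIVE_KEYS = re.compile(r"authorization|api[_-]?key|password|token|secret", re.I)


class ToolCallError(Exception):
    """Rejection whose message is safe to return to the client."""


def check_role(role: str, tool: str) -> None:
    if tool not in ROLE_TOOLS.get(role, set()):
        raise ToolCallError(f"tool '{tool}' not permitted for role '{role}'")


def safe_path(user_path: str) -> Path:
    """Resolve a client-supplied path inside the sandbox; reject '..' and symlink escapes."""
    if "\x00" in user_path:
        raise ToolCallError("NUL byte in path")
    # An absolute user_path replaces SANDBOX_ROOT in the join and is then caught below.
    candidate = (SANDBOX_ROOT / user_path).resolve()  # resolve() follows symlinks
    if candidate != SANDBOX_ROOT and SANDBOX_ROOT not in candidate.parents:
        raise ToolCallError("path escapes sandbox")
    return candidate


def safe_url(url: str) -> str:
    """Validate an outbound URL: https only, no userinfo, no IP literal, host allowlisted."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ToolCallError("only https egress is allowed")
    if parts.username is not None or parts.password is not None:
        raise ToolCallError("userinfo in URL")  # catches https://trusted@evil/ tricks
    host = (parts.hostname or "").lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        is_ip = True
    except ValueError:
        is_ip = False
    if is_ip:
        raise ToolCallError("IP literals are not allowed")  # e.g. 169.254.169.254, ::1
    if host not in ALLOWED_HOSTS:
        raise ToolCallError(f"host '{host}' not in egress allowlist")
    return url


class TokenBucket:
    """Per-client token bucket; `cost` lets a call charge its estimated LLM token budget."""

    def __init__(self, capacity: float, refill_per_sec: float, clock=time.monotonic):
        self.capacity, self.refill, self.clock = capacity, refill_per_sec, clock
        self.tokens, self.last = capacity, clock()

    def take(self, cost: float = 1.0) -> bool:
        now = self.clock()
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.refill)
        self.last = now
        if cost > self.tokens:
            return False
        self.tokens -= cost
        return True


def redact(obj):
    """Recursively replace values whose key looks like a credential before logging."""
    if isinstance(obj, dict):
        return {k: ("[REDACTED]" if SENSITIVE_KEYS.search(k) else redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    return obj


def audit_record(trace_id: str, role: str, tool: str, args: dict, outcome: str) -> str:
    """One JSON line per decision, with arguments redacted and a trace ID for correlation."""
    return json.dumps({"ts": round(time.time(), 3), "trace_id": trace_id, "role": role,
                       "tool": tool, "args": redact(args), "outcome": outcome}, sort_keys=True)


def gate_tool_call(role, tool, args, bucket, cost=1.0, trace_id="t-0001", log=None):
    """Run every check; return validated args, or raise ToolCallError. Logs allow and deny."""
    log = log if log is not None else []
    try:
        if not bucket.take(cost):
            raise ToolCallError("rate limit or token budget exceeded")
        check_role(role, tool)
        validated = dict(args)
        if tool == "read_file":
            if "path" not in args:
                raise ToolCallError("missing parameter: path")
            validated["path"] = str(safe_path(str(args["path"])))
        elif tool == "fetch_url":
            if "url" not in args:
                raise ToolCallError("missing parameter: url")
            validated["url"] = safe_url(str(args["url"]))
        log.append(audit_record(trace_id, role, tool, args, "allowed"))
        return validated
    except ToolCallError as exc:
        log.append(audit_record(trace_id, role, tool, args, f"denied: {exc}"))
        raise
```

Two caveats a practitioner would want: a hostname allowlist alone does not stop DNS rebinding, so the HTTP client should resolve the allowed name itself and connect to the pinned address rather than re-resolving; and the token bucket here is in-process, so a multi-replica deployment needs a shared store (or per-replica limits sized accordingly). The `run_query` tool is left to parameterised queries on the database side, which this gate does not replace.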
Audit Metadata