by Puliczek
🔥🔒 Awesome MCP (Model Context Protocol) Security 🖥️
# Add to your Claude Code skills
git clone https://github.com/Puliczek/awesome-mcp-securityGuides for using mcp servers skills like awesome-mcp-security.
Last scanned: 5/8/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-08T05:58:44.146Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}awesome-mcp-security is an open-source mcp servers skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by Puliczek. 🔥🔒 Awesome MCP (Model Context Protocol) Security 🖥️. It has 721 GitHub stars.
Yes. awesome-mcp-security passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/Puliczek/awesome-mcp-security" and add it to your Claude Code skills directory (see the Installation section above).
Yes. SkillsLLM lists many other MCP Servers skills you can browse and compare side by side. Open the MCP Servers category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh awesome-mcp-security against similar tools.
No comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Everything you need to know about Model Context Protocol (MCP) security.
Official Security Considerations from the Official MCP Specification Rev: 2025-03-26
[!NOTE] 15.04.2025: The current MCP auth specification is in progress of being replaced by a more robust specification. Please join the conversation if you have concerns around the current auth specification.
Servers MUST:
Clients SHOULD:
[!WARNING]
For trust & safety and security, clients MUST consider tool annotations to be untrusted unless they come from trusted servers.
[!WARNING]
For trust & safety and security, there SHOULD always be a human in the loop* with the ability to deny tool invocations.Applications SHOULD:
- Provide UI that makes clear which tools are being exposed to the AI model.
- Insert clear visual indicators when tools are invoked.
- Present confirmation prompts to the user for operations, to ensure a human is in the loop.
[!NOTE]
*Human-in-the-Loop (HITL) means that user help monitor and guide automated tasks, like deciding whether to accept tool requests in Cursor.