Mcp Security Audit

Category: Security  ·  Sub-category: security-misc
ai:mcp  ·  type:audit  ·  type:review

Audit MCP (Model Context Protocol) server configurations for security issues. Use this skill when:

- Reviewing .mcp.json files for security risks
- Checking MCP server args for hardcoded secrets or shell injection patterns
- Validating that MCP servers use pinned versions (not @latest)
- Detecting unpinned dependencies in MCP server configurations
- Auditing which MCP servers a project registers and whether they're on an approved list
- Checking for environment variable usage vs. hardcoded credentials in MCP configs
- Any request like "is my MCP config secure?", "audit my MCP servers", or "check .mcp.json"

keywords: [mcp, security, audit, secrets, shell-injection, supply-chain, governance]

What this skill does

Mcp Security Audit is a community-contributed Claude Code skill in the security-misc sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/mcp-security-audit/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The Mcp Security Audit skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It is part of the open ClaudSkills registry, a community-curated catalog of 56,000+ capabilities you can install for Claude Code — the Claude CLI agent.

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/mcp-security-audit
curl -L https://claudskills.com/skills/mcp-security-audit/SKILL.md \
  -o ~/.claude/skills/mcp-security-audit/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/mcp-security-audit/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/mcp-security-audit/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\mcp-security-audit\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

